Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-11358 (GCVE-0-2019-11358)
Vulnerability from cvelistv5 – Published: 2019-04-19 00:00 – Updated: 2024-11-15 15:11
VLAI?
EPSS
Summary
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "DSA-4434",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"name": "20190421 [SECURITY] [DSA 4434-1] drupal7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"name": "108023",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108023"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"name": "FEDORA-2019-eba8e44ee6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"
},
{
"name": "FEDORA-2019-1a3edd7e8a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"
},
{
"name": "FEDORA-2019-7eaf0bbe7c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"
},
{
"name": "FEDORA-2019-2a0ce0c58c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"
},
{
"name": "FEDORA-2019-a06dffab1c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"
},
{
"name": "FEDORA-2019-f563e66380",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"
},
{
"name": "20190509 dotCMS v5.1.1 Vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"name": "20190510 dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"name": "20190510 dotCMS v5.1.1 Vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"name": "20190510 Re: dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"name": "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"name": "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"name": "RHSA-2019:1456",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "DSA-4460",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"name": "20190612 [SECURITY] [DSA 4460-1] mediawiki security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"name": "openSUSE-SU-2019:1839",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"name": "RHBA-2019:1570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "openSUSE-SU-2019:1872",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"name": "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
},
{
"name": "RHSA-2019:2587",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"name": "RHSA-2019:3023",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2019:3024",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"name": "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2020-02"
},
{
"name": "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
},
{
"name": "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"tags": [
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-11358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-20T15:03:16.892088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T15:11:23.024Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T02:06:52.187292",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "DSA-4434",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"name": "20190421 [SECURITY] [DSA 4434-1] drupal7 security update",
"tags": [
"mailing-list"
],
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"name": "108023",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/108023"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"name": "FEDORA-2019-eba8e44ee6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"
},
{
"name": "FEDORA-2019-1a3edd7e8a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"
},
{
"name": "FEDORA-2019-7eaf0bbe7c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"
},
{
"name": "FEDORA-2019-2a0ce0c58c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"
},
{
"name": "FEDORA-2019-a06dffab1c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"
},
{
"name": "FEDORA-2019-f563e66380",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"
},
{
"name": "20190509 dotCMS v5.1.1 Vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"name": "20190510 dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"name": "20190510 dotCMS v5.1.1 Vulnerabilities",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"name": "20190510 Re: dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"name": "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"name": "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"name": "RHSA-2019:1456",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "DSA-4460",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"name": "20190612 [SECURITY] [DSA 4460-1] mediawiki security update",
"tags": [
"mailing-list"
],
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"name": "openSUSE-SU-2019:1839",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"name": "RHBA-2019:1570",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "openSUSE-SU-2019:1872",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"name": "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
},
{
"name": "RHSA-2019:2587",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"name": "RHSA-2019:3023",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2019:3024",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
},
{
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"name": "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"url": "https://www.tenable.com/security/tns-2020-02"
},
{
"name": "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
},
{
"name": "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11358",
"datePublished": "2019-04-19T00:00:00",
"dateReserved": "2019-04-19T00:00:00",
"dateUpdated": "2024-11-15T15:11:23.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-11358\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-04-20T00:29:00.247\",\"lastModified\":\"2024-11-21T04:20:56.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.\"},{\"lang\":\"es\",\"value\":\"jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminaci\u00f3n de Object.prototype. Si un objeto fuente no sanitizado conten\u00eda una propiedad enumerable __proto__, podr\u00eda extender el Object.prototype nativo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1321\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.0\",\"matchCriteriaId\":\"D2D193C7-2259-492F-8B85-E74C57A7426A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.66\",\"matchCriteriaId\":\"FC5AB839-4DAC-45E7-9D0B-B528F6D12043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndExcluding\":\"8.5.15\",\"matchCriteriaId\":\"9106BF81-B898-4EB0-B63C-9919D3B22260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.6.0\",\"versionEndExcluding\":\"8.6.15\",\"matchCriteriaId\":\"9B37281E-9B44-42A5-AE0A-17CE6770995C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11.0\",\"versionEndExcluding\":\"1.11.9\",\"matchCriteriaId\":\"E75C32CE-3FA9-4DC2-A22A-4A841D4911EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.12.0\",\"versionEndExcluding\":\"1.12.6\",\"matchCriteriaId\":\"F6F204D6-2C8A-4517-8E3C-328ED0D9D3E4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"40513095-7E6E-46B3-B604-C926F1BA3568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndIncluding\":\"3.1.3\",\"matchCriteriaId\":\"B9273745-6408-4CD3-94E8-9385D4F5FE69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04AC556D-D511-4C4C-B9FB-A089BB2FEFD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FA1A18F-D997-4121-A01B-FD9B3BF266CF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"230E2167-9107-4994-8328-295575E17DF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A079FD6E-3BB0-4997-9A8E-6F8FEC89887A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900D2344-5160-42A0-8C49-36DBC7FF3D87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4AA4B21-1BA9-4ED8-B9EA-558AF8655D24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C3F9EE5-FCFC-45B8-9F57-C05D42EE0FF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.1\",\"matchCriteriaId\":\"90CFEC52-A574-493E-A2AC-0EC21851BBFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3665B8A2-1F1A-490F-B01D-5B3455A6A539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8577D60-A711-493D-9246-E49D0E2B07E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17EA8B91-7634-4636-B647-1049BA7CA088\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B4DF46F-DBCC-41F2-A260-F83A14838F23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E5BC0B6-0C66-4FC5-81F0-6AC9BEC0813E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F17843-32EA-4C31-B65C-F424447BEF7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C784CEE8-F071-4583-A72D-F46C7C95FEC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A125E817-F974-4509-872C-B71933F42AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE7BF09-B89C-4590-821E-6C0587E096B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7231D2D-4092-44F3-B60A-D7C9ED78AFDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18127694-109C-4E7E-AE79-0BA351849291\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndIncluding\":\"2.8.0\",\"matchCriteriaId\":\"660DB443-6250-4956-ABD1-C6A522B8DCCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndIncluding\":\"2.10.0\",\"matchCriteriaId\":\"3625D477-1338-46CB-90B1-7291D617DC39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CD806C1-CC17-47BD-8BB0-9430C4253BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC56004-4497-4CDD-AE76-5E3DFAE170F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"274A0CF5-41E8-42E0-9931-F7372A65B9C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E869C417-C0E6-4FC3-B406-45598A1D1906\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D98C27-734F-490B-92D5-251805C841B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B796AC70-A220-48D8-B8CD-97CF57227962\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6039DC7-08F2-4DD9-B5B5-B6B22DD2409F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"790A89FD-6B86-49AE-9B4F-AE7262915E13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7231AF76-3D46-41C4-83E9-6E9E12940BD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E39D442D-1997-49AF-8B02-5640BE2A26CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4534CF9-D9FD-4936-9D8C-077387028A05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D60384BD-284C-4A68-9EEF-0FAFDF0C21F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA44E38-EB8C-4E2D-8611-B201F47520E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.4.0\",\"matchCriteriaId\":\"1A0E3537-CB5A-40BF-B42C-CED9211B8892\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C57FD3A-0CC1-4BA9-879A-8C4A40234162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"698FB6D0-B26F-4760-9B9B-1C65FBFF2126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndIncluding\":\"6.4\",\"matchCriteriaId\":\"4E16A16E-BFA3-4D17-9B4E-B42ADE725356\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1\",\"versionEndIncluding\":\"4.3\",\"matchCriteriaId\":\"9264AF8A-3819-40E5-BBCB-3B6C95A0D828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3517A27-E6EE-497C-9996-F78171BBE90F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3CE8D5-6404-4CEB-953E-7B7961BC14D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"062E4E7C-55BB-46F3-8B61-5A663B565891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB43DFD4-D058-4001-BD19-488E059F4532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E2E5C-44EB-4C07-B298-C04189533996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA77B994-3872-4059-854B-0974AA5593D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5682DAEB-3810-4541-833A-568C868BCE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9AED-F81D-4344-AD97-EEF19B6EA8C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8198E762-9AD9-452B-B1AF-516E52436B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D177F6-25D9-4696-8528-3F57D91BAC12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"539DA24F-E3E0-4455-84C6-A9D96CD601B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"726DB59B-00C7-444E-83F7-CB31032482AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80B6D265-9D72-45C3-AA2C-5B186E23CDAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB654DFA-FEF9-4D00-ADB0-F3F2B6ACF13E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37209C6F-EF99-4D21-9608-B3A06D283D24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7015A8CB-8FA6-423E-8307-BD903244F517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.3\",\"versionEndIncluding\":\"7.3.5\",\"matchCriteriaId\":\"B5BC32AA-78BE-468B-B92A-5A0FFFA970FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.2\",\"versionEndIncluding\":\"8.1.0\",\"matchCriteriaId\":\"FA699B16-5100-4485-9BB7-85B247743B17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"A7E00BA1-E643-45D9-97D3-EF12C29DB262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ACA29E6-F393-46E5-B2B3-9158077819A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"703DA91D-3440-4C67-AA20-78F71B1376DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B8DFFF-B037-4F29-8C8E-F4BBC3435199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"9CB2A0EB-E1C7-4206-8E64-D2EE77C1CD86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A566893-8DCF-49E4-93D0-0ACCEFD70D3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"A180039F-22C3-458E-967D-E07C61C69FAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00E5D719-249D-48B8-BAFC-1E14D250B3F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.8\",\"matchCriteriaId\":\"2C5F6B8C-2044-4E68-98BD-37B0CD108434\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.6\",\"versionEndIncluding\":\"8.0.9\",\"matchCriteriaId\":\"672949B4-1989-4AA7-806F-EEC07D07F317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.5\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"73E05211-8415-42FB-9B93-959EB03B090B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9476D1DA-C8A8-40A0-94DD-9B46C05FD461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DEE0A37-6B9A-43FE-B3E0-8AB5CA368425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF6A5433-A7D9-4521-9D28-E7684FB76E5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"AC15899F-8528-4D10-8CD5-F67121D7F293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F727AAC6-6D9F-4B28-B07C-6A93916C43A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"30657F1B-D1FC-4EE6-9854-18993294A01D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C17460-D326-4525-A7D1-0AED53E75E18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"30F0991A-8507-48C4-9A8E-DE5B28C46A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A00142E6-EEB3-44BD-AB0D-0E5C5640557F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00ED7CB0-96F7-4089-9047-A3AC241139C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"005E458D-4059-4E20-A620-B25DEBCE40C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74008AEE-589F-423E-8D77-EA54C36D776A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD85DB06-692F-4E81-BEB7-1E41B438D1FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6149C89E-0111-4CF9-90CA-0662D2F75E04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CDDF6CA-6441-4606-9D2F-22A67BA46978\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA4D6CF-D54A-40DF-9B70-E13392D0BE19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.2\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"DB6C521C-F104-4E26-82F2-6F63F94108BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"397B1A24-7C95-4A73-8363-4529A7F6CFCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"402B8642-7ACC-4F42-87A9-AB4D3B581751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF6D5112-4055-4F89-A5B3-0DCB109481B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D262848E-AA24-4057-A747-6221BA22ADF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"2163B848-D684-4B17-969A-36E0866C5749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"00615085-65B2-4211-A766-551842B3356F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E565DA-91BE-44FC-A28F-579BE8D2281A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51DB64CA-8953-43BB-AEA9-D0D7E91E9FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"669BA301-4D29-4692-823B-CDEDD2A5BD18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"419559E6-5441-4335-8FE1-6ADAAD9355DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"036E4450-53C6-4322-9C7D-91DA94C9A3C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.6\",\"matchCriteriaId\":\"89C26226-A3CF-4D36-BBDA-80E298E0A51F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F67D1332-621E-4756-B205-97A5CF670A19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6748C867-0A52-452B-B4D6-DA80396F4152\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A64B5C4C-DF69-4292-A534-EDC5955CDDAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7141C66-0384-4BA1-A788-91DEB7EF1361\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06E586B3-3434-4B08-8BE3-16C528642CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95E8056-51D8-4390-ADE3-661B7AE1D7CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EFC8DAB-E5D8-420C-B800-08F8C5BF3F4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9059A907-508B-4844-8D7B-0FA68C0DF6A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5ACB1D2-69CE-4B7D-9B51-D8F80E541631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F726C6-EA5A-40FF-8809-4F48E4AE6976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7C26E3-BB0D-4218-8176-319AEA2925C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD67072F-3CFC-480D-9360-81A05D523318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652E762A-BCDD-451E-9DE3-F1555C1E4B16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3DC116-2844-47A1-BEC2-D0675DD97148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AC63D10-2326-4542-B345-31D45B9A7408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.1.0\",\"versionEndIncluding\":\"19.1.2\",\"matchCriteriaId\":\"7BFD7783-BE15-421C-A550-7FE15AB53ABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F7BF047-03C5-4A60-B718-E222B16DBF41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3A73D81-3E1A-42E6-AB96-835CDD5905F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA10CA55-C155-4DAD-A109-87A80116F1A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66136D6D-FC52-40DB-B7B6-BA8B7758CE16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06514F46-544B-4404-B45C-C9584EBC3131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BD4BF9A-BF38-460D-974D-5B3255AAF946\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.4\",\"versionEndIncluding\":\"8.0.7\",\"matchCriteriaId\":\"92D538A5-819D-4DF7-85FE-4D4EB6E230E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEDA3A88-002B-4700-9277-3187C0A3E4B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE886BC5-F807-4627-8233-2290817FE205\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0.0\",\"versionEndIncluding\":\"5.6.0.0\",\"matchCriteriaId\":\"B47C73D0-BE89-4D87-8765-12C507F13AFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B8AA91A-1880-43CD-938D-48EF58ACF2CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6B5D7DB-C70E-4926-819F-E39B79F4D0C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7506589-9B3B-49BA-B826-774BFDCC45B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37EB4A1D-A875-46B7-BEB0-694D1F400CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2233F287-6B9F-4C8A-A724-959DD3AD29AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2381FAB6-8D36-4389-98E4-74F3462654BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.6.0\",\"versionEndIncluding\":\"8.6.3\",\"matchCriteriaId\":\"9E587602-BA7D-4087-BE29-ACE0B01BD590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45CB30A1-B2C9-4BF5-B510-1F2F18B60C64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndIncluding\":\"12.2.15\",\"matchCriteriaId\":\"84668F58-6511-4E53-8213-13B440F454C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8B3B57-73D6-4402-987F-8AE723D52F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62BF043E-BCB9-433D-BA09-7357853EE127\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F26FB80-F541-4B59-AC3C-633F49388B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndIncluding\":\"12.2.15\",\"matchCriteriaId\":\"12D3B2F0-E9C7-432B-91C6-A6C329A84B78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.2.0\",\"versionEndIncluding\":\"16.2.11\",\"matchCriteriaId\":\"06CF27F6-ADC1-480C-9D2E-2BD1E7330C32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.7\",\"matchCriteriaId\":\"E4AA3854-C9FD-4287-85A0-EE7907D1E1ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.9\",\"matchCriteriaId\":\"E8CD4002-F310-4BE4-AF7B-4BCCB17DA6FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.4\",\"matchCriteriaId\":\"69112C56-7747-4E11-A938-85A481529F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9E628E7-6CC5-418C-939F-8EEA69B222A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0.1\",\"versionEndIncluding\":\"2.3.0.3\",\"matchCriteriaId\":\"99579D88-27C0-4B93-B2F4-69B6781BC4BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"36FC547E-861A-418C-A314-DA09A457B13A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"DF9FEE51-50E3-41E9-AA0D-272A640F85CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"E69E905F-2E1A-4462-9082-FF7B10474496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"0F9B692C-8986-4F91-9EF4-2BB1E3B5C133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"C5F4C40E-3ABC-4C59-B226-224262DCFF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31C7EEA3-AA72-48DA-A112-2923DBB37773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0735989-13BD-40B3-B954-AC0529C5B53D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83B5F416-56AE-4DC5-BCFF-49702463E716\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58405263-E84C-4071-BB23-165D49034A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD4AB77A-E829-4603-AF6A-97B9CD0D687F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DE15D64-6F49-4F43-8079-0C7827384C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E16AEF-ACEB-413C-888C-8D250F65C180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFAEA84-E376-40A2-8C9F-3E0676FEC527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"237968A4-AE89-44DC-8BA3-D9651F88883D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E13DF2AE-F315-4085-9172-6C8B21AF1C9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"959316A8-C3AF-4126-A242-3835ED0AD1E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDB925C6-2CBC-4D88-B9EA-F246F4F7A206\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E2B6C75-3EB5-4BCE-B5D1-39DD3DE94139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70BEF219-45EC-4A53-A815-42FBE20FC300\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA2023A-1AD6-41FE-A214-9D1F6021D6B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"19.8\",\"matchCriteriaId\":\"2AA4E307-D5FA-461D-9809-BDD123AE7B74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98B9198C-11DF-4E80-ACFC-DC719CED8C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"587EE4F3-E7AC-4A69-9476-0E71E75EE7A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7961BBD-6411-4D32-947D-3940221C235B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"162C6FD9-AEC2-4EBA-A163-3054840B8ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6879D52-A44E-4DF8-8A3A-3613822EB469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AAF89C1-AAC2-449C-90C1-895F5F8843B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0.1\",\"versionEndIncluding\":\"2.3.0.3\",\"matchCriteriaId\":\"2F2D3FA0-BD9D-4828-AE36-1CE43D9B07D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D551CAB1-4312-44AA-BDA8-A030817E153A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B13B7-68B3-4510-968C-6A730EB46462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93CC705-1F8C-4870-99E6-14BF264C3811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:joomla:joomla\\\\!:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.9.4\",\"matchCriteriaId\":\"C63557DE-E65B-46F4-99C4-247EACCB7BBA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"216E7DDE-453D-481F-92E2-9F8466CDDA3F\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/May/10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/May/11\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/May/13\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/03/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108023\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1456\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2587\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3023\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3024\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://backdropcms.org/security/backdrop-sa-core-2019-009\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jquery/jquery/pull/4333\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Apr/32\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/18\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190919-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JS-JQUERY-174006\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4434\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4460\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.drupal.org/sa-core-2019-006\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_19\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2019-08\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2020-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/May/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/May/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/May/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/03/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3024\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://backdropcms.org/security/backdrop-sa-core-2019-009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jquery/jquery/pull/4333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Apr/32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Jun/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190919-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JS-JQUERY-174006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4434\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4460\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.drupal.org/sa-core-2019-006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2019-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2020-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.drupal.org/sa-core-2019-006\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_19\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4434\", \"name\": \"DSA-4434\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/32\", \"name\": \"20190421 [SECURITY] [DSA 4434-1] drupal7 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/108023\", \"name\": \"108023\", \"tags\": [\"vdb-entry\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html\", \"name\": \"[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/\", \"name\": \"FEDORA-2019-eba8e44ee6\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/\", \"name\": \"FEDORA-2019-1a3edd7e8a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/\", \"name\": \"FEDORA-2019-7eaf0bbe7c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/\", \"name\": \"FEDORA-2019-2a0ce0c58c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/\", \"name\": \"FEDORA-2019-a06dffab1c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/\", \"name\": \"FEDORA-2019-f563e66380\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/18\", \"name\": \"20190509 dotCMS v5.1.1 Vulnerabilities\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/May/11\", \"name\": \"20190510 dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/May/10\", \"name\": \"20190510 dotCMS v5.1.1 Vulnerabilities\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/May/13\", \"name\": \"20190510 Re: dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html\", \"name\": \"[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/03/2\", \"name\": \"[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1456\", \"name\": \"RHSA-2019:1456\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4460\", \"name\": \"DSA-4460\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/12\", \"name\": \"20190612 [SECURITY] [DSA 4460-1] mediawiki security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html\", \"name\": \"openSUSE-SU-2019:1839\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:1570\", \"name\": \"RHBA-2019:1570\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html\", \"name\": \"openSUSE-SU-2019:1872\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E\", \"name\": \"[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2587\", \"name\": \"RHSA-2019:2587\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190919-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3023\", \"name\": \"RHSA-2019:3023\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3024\", \"name\": \"RHSA-2019:3024\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\", \"name\": \"[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\", \"name\": \"[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\", \"name\": \"[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E\", \"name\": \"[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.tenable.com/security/tns-2019-08\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E\", \"name\": \"[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html\", \"name\": \"[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.tenable.com/security/tns-2020-02\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E\", \"name\": \"[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E\", \"name\": \"[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E\", \"name\": \"[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://backdropcms.org/security/backdrop-sa-core-2019-009\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JS-JQUERY-174006\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/jquery/jquery/pull/4333\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html\", \"name\": \"[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T22:48:09.199Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-11358\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-20T15:03:16.892088Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-15T15:11:14.055Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.drupal.org/sa-core-2019-006\"}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_19\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4434\", \"name\": \"DSA-4434\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/32\", \"name\": \"20190421 [SECURITY] [DSA 4434-1] drupal7 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.securityfocus.com/bid/108023\", \"name\": \"108023\", \"tags\": [\"vdb-entry\"]}, {\"url\": \"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E\", \"name\": \"[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html\", \"name\": \"[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/\", \"name\": \"FEDORA-2019-eba8e44ee6\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/\", \"name\": \"FEDORA-2019-1a3edd7e8a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/\", \"name\": \"FEDORA-2019-7eaf0bbe7c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/\", \"name\": \"FEDORA-2019-2a0ce0c58c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/\", \"name\": \"FEDORA-2019-a06dffab1c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/\", \"name\": \"FEDORA-2019-f563e66380\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/May/18\", \"name\": \"20190509 dotCMS v5.1.1 Vulnerabilities\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/May/11\", \"name\": \"20190510 dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/May/10\", \"name\": \"20190510 dotCMS v5.1.1 Vulnerabilities\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/May/13\", \"name\": \"20190510 Re: dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html\", \"name\": \"[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/06/03/2\", \"name\": \"[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1456\", \"name\": \"RHSA-2019:1456\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4460\", \"name\": \"DSA-4460\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Jun/12\", \"name\": \"20190612 [SECURITY] [DSA 4460-1] mediawiki security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html\", \"name\": \"openSUSE-SU-2019:1839\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:1570\", \"name\": \"RHBA-2019:1570\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html\", \"name\": \"openSUSE-SU-2019:1872\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E\", \"name\": \"[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2587\", \"name\": \"RHSA-2019:2587\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190919-0001/\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3023\", \"name\": \"RHSA-2019:3023\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3024\", \"name\": \"RHSA-2019:3024\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\", \"name\": \"[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\", \"name\": \"[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\", \"name\": \"[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E\", \"name\": \"[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.tenable.com/security/tns-2019-08\"}, {\"url\": \"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E\", \"name\": \"[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html\", \"name\": \"[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html\"}, {\"url\": \"https://www.tenable.com/security/tns-2020-02\"}, {\"url\": \"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E\", \"name\": \"[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E\", \"name\": \"[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E\", \"name\": \"[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\"}, {\"url\": \"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E\", \"name\": \"[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\"}, {\"url\": \"https://backdropcms.org/security/backdrop-sa-core-2019-009\"}, {\"url\": \"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\"}, {\"url\": \"https://snyk.io/vuln/SNYK-JS-JQUERY-174006\"}, {\"url\": \"https://github.com/jquery/jquery/pull/4333\"}, {\"url\": \"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b\"}, {\"url\": \"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\"}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuApr2021.html\"}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\"}, {\"url\": \"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html\", \"name\": \"[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-08-31T02:06:52.187292\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-11358\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T15:11:23.024Z\", \"dateReserved\": \"2019-04-19T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2019-04-19T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2023-1737
Vulnerability from csaf_certbund - Published: 2023-07-12 22:00 - Updated: 2023-07-12 22:00Summary
Juniper Patchday Juli 2023
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.
Die Juniper MX-Serie ist eine Produktfamilie von Routern.
Die Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer oder lokaler Angreifer kann mehrere Schwachstellen in verschiedenen Juniper Produkten ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer oder lokaler Angreifer kann mehrere Schwachstellen in verschiedenen Juniper Produkten ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1737 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1737.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1737 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1737"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71656"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71659"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71653"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71650"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71660"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71655"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71647"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71643"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71642"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71651"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71640"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71661"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71639"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71662"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71645"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71641"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2023-07-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA71636"
}
],
"source_lang": "en-US",
"title": "Juniper Patchday Juli 2023",
"tracking": {
"current_release_date": "2023-07-12T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:55:25.536+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1737",
"initial_release_date": "2023-07-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-07-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS Evolved",
"product": {
"name": "Juniper JUNOS Evolved",
"product_id": "T018886",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:evolved"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS PTX10001-36MR",
"product": {
"name": "Juniper JUNOS PTX10001-36MR",
"product_id": "T028577",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:ptx10001-36mr"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS PTX10004",
"product": {
"name": "Juniper JUNOS PTX10004",
"product_id": "T028578",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:ptx10004"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS PTX10008",
"product": {
"name": "Juniper JUNOS PTX10008",
"product_id": "T028579",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:ptx10008"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS PTX10016",
"product": {
"name": "Juniper JUNOS PTX10016",
"product_id": "T028580",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:ptx10016"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS Contrail Cloud",
"product": {
"name": "Juniper JUNOS Contrail Cloud",
"product_id": "T028581",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:contrail_cloud"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS Space",
"product": {
"name": "Juniper JUNOS Space",
"product_id": "T028582",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:space"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
},
{
"category": "product_name",
"name": "Juniper MX Series",
"product": {
"name": "Juniper MX Series",
"product_id": "918766",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:mx:-"
}
}
},
{
"category": "product_name",
"name": "Juniper QFX Series 10000",
"product": {
"name": "Juniper QFX Series 10000",
"product_id": "T027256",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:qfx:qfx10000"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T008011",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
},
{
"category": "product_name",
"name": "Juniper SRX Series 5000",
"product": {
"name": "Juniper SRX Series 5000",
"product_id": "T025822",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:5000"
}
}
},
{
"category": "product_name",
"name": "Juniper SRX Series 4600",
"product": {
"name": "Juniper SRX Series 4600",
"product_id": "T028576",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:4600"
}
}
}
],
"category": "product_name",
"name": "SRX Series"
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-36850",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36850"
},
{
"cve": "CVE-2023-36849",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36849"
},
{
"cve": "CVE-2023-36848",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36848"
},
{
"cve": "CVE-2023-36840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36840"
},
{
"cve": "CVE-2023-36838",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36838"
},
{
"cve": "CVE-2023-36836",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36836"
},
{
"cve": "CVE-2023-36835",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36835"
},
{
"cve": "CVE-2023-36834",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36834"
},
{
"cve": "CVE-2023-36833",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36833"
},
{
"cve": "CVE-2023-36832",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36832"
},
{
"cve": "CVE-2023-36831",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-36831"
},
{
"cve": "CVE-2023-28985",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2023-28985"
},
{
"cve": "CVE-2022-4378",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-42898",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-42898"
},
{
"cve": "CVE-2022-42703",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-42703"
},
{
"cve": "CVE-2022-41974",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-41974"
},
{
"cve": "CVE-2022-38023",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-38023"
},
{
"cve": "CVE-2022-3276",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-3276"
},
{
"cve": "CVE-2022-31629",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-31629"
},
{
"cve": "CVE-2022-31628",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-31628"
},
{
"cve": "CVE-2022-31627",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-31627"
},
{
"cve": "CVE-2022-31626",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-31626"
},
{
"cve": "CVE-2022-31625",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-31625"
},
{
"cve": "CVE-2022-30123",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-30123"
},
{
"cve": "CVE-2022-29901",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-29901"
},
{
"cve": "CVE-2022-29900",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-29900"
},
{
"cve": "CVE-2022-2964",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-2964"
},
{
"cve": "CVE-2022-2795",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-2795"
},
{
"cve": "CVE-2022-26373",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-26373"
},
{
"cve": "CVE-2022-2588",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-23825",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2022-23825"
},
{
"cve": "CVE-2021-40085",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-40085"
},
{
"cve": "CVE-2021-26401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-26401"
},
{
"cve": "CVE-2021-25220",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-21708",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-21708"
},
{
"cve": "CVE-2021-21707",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-21707"
},
{
"cve": "CVE-2021-21705",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-21705"
},
{
"cve": "CVE-2021-21704",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-21704"
},
{
"cve": "CVE-2021-21703",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-21703"
},
{
"cve": "CVE-2021-21702",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2021-21702"
},
{
"cve": "CVE-2020-7071",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2020-7071"
},
{
"cve": "CVE-2020-13946",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2020-13946"
},
{
"cve": "CVE-2020-13817",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2020-13817"
},
{
"cve": "CVE-2020-11868",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2020-11868"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2017-7655",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2017-7655"
},
{
"cve": "CVE-2017-7654",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2017-7654"
},
{
"cve": "CVE-2017-7653",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Juniper JUNOS, JUNOS Evolved, sowie JUNOS Space und zugeh\u00f6rigen Produkten. Dazu z\u00e4hlen SRX, MX, PTX, QFX, Contrail Cloud und mehrere Produkten von Drittanbietern wie PHP, jQuery, Openstack, sowie AMD- und Intel-Prozessoren. Sie werden u. a. durch unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfungen, Out-of-Bounds-Read, unsachgem\u00e4\u00dfe Validierungen, Use-after-free-Fehler und die Verwendung einer nicht initialisierten Ressource verursacht. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T028581",
"T028582",
"T028580",
"918766",
"T018886",
"T025822",
"5930",
"T028578",
"T028579",
"T027256",
"T028576",
"T028577",
"T008011"
]
},
"release_date": "2023-07-12T22:00:00.000+00:00",
"title": "CVE-2017-7653"
}
]
}
WID-SEC-W-2022-1948
Vulnerability from csaf_certbund - Published: 2019-04-17 22:00 - Updated: 2024-07-11 22:00Summary
Drupal: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Drupal ist ein freies Content-Management-System, basierend auf der Scriptsprache PHP und einer SQL-Datenbank. Über zahlreiche Extensions kann der Funktionsumfang der Core-Installation individuell erweitert werden.
Angriff
Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Drupal ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, um Daten zu manipulieren, um einen Denial of Service Zustand herbeizuführen und um beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Drupal ist ein freies Content-Management-System, basierend auf der Scriptsprache PHP und einer SQL-Datenbank. \u00dcber zahlreiche Extensions kann der Funktionsumfang der Core-Installation individuell erweitert werden.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Drupal ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, um Daten zu manipulieren, um einen Denial of Service Zustand herbeizuf\u00fchren und um beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1948 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2022-1948.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1948 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1948"
},
{
"category": "external",
"summary": "Drupal Security Advisory sa-core-2019-005 vom 2019-04-17",
"url": "https://www.drupal.org/sa-core-2019-005"
},
{
"category": "external",
"summary": "Drupal Security Advisory sa-core-2019-006 vom 2019-04-17",
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"category": "external",
"summary": "Drupal Security Advisory sa-contrib-2019-045 vom 2019-04-17",
"url": "https://www.drupal.org/sa-contrib-2019-045"
},
{
"category": "external",
"summary": "Drupal Security Advisory sa-contrib-2019-044 vom 2019-04-17",
"url": "https://www.drupal.org/sa-contrib-2019-044"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11203 vom 2021-07-14",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11203\u0026cat=SIRT_1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7343 vom 2022-11-03",
"url": "https://linux.oracle.com/errata/ELSA-2022-7343.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-09 vom 2023-03-02",
"url": "https://www.tenable.com/security/tns-2023-09"
},
{
"category": "external",
"summary": "SolarWinds Platform 2023.3 Release Notes",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7160134 vom 2024-07-12",
"url": "https://www.ibm.com/support/pages/node/7160134"
}
],
"source_lang": "en-US",
"title": "Drupal: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-11T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:37:29.687+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1948",
"initial_release_date": "2019-04-17T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-04-17T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-04-22T22:00:00.000+00:00",
"number": "2",
"summary": "cve added"
},
{
"date": "2019-04-22T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-F5D6A7CE74, FEDORA-2019-8635280DE5, FEDORA-2019-0EF4149687, FEDORA-2019-32067D8B15, FEDORA-2019-2A7F472198, FEDORA-2019-6F6F41E8E1, FEDORA-2019-F8DB687840, FEDORA-2019-3EE6A7ADF2"
},
{
"date": "2019-04-29T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-7EAF0BBE7C, FEDORA-2019-EBA8E44EE6"
},
{
"date": "2019-05-01T22:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-1A3EDD7E8A, FEDORA-2019-A06DFFAB1C, FEDORA-2019-2A0CE0C58C, FEDORA-2019-F563E66380"
},
{
"date": "2019-06-04T22:00:00.000+00:00",
"number": "6",
"summary": "Referenz(en) aufgenommen: ASA-201906-2"
},
{
"date": "2021-07-14T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2022-11-02T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-03-02T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2023-07-25T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP9",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP9",
"product_id": "T036127"
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.66",
"product": {
"name": "Open Source Drupal \u003c7.66",
"product_id": "T014038"
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.15",
"product": {
"name": "Open Source Drupal \u003c8.5.15",
"product_id": "T014039"
}
},
{
"category": "product_version_range",
"name": "\u003c8.6.15",
"product": {
"name": "Open Source Drupal \u003c8.6.15",
"product_id": "T014040"
}
}
],
"category": "product_name",
"name": "Drupal"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2023.3",
"product": {
"name": "SolarWinds Platform \u003c2023.3",
"product_id": "T028897"
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.0",
"product": {
"name": "Tenable Security Nessus \u003c10.5.0",
"product_id": "T026604"
}
}
],
"category": "product_name",
"name": "Nessus"
}
],
"category": "vendor",
"name": "Tenable Security"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10909",
"notes": [
{
"category": "description",
"text": "In Drupal existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in der \"PHP templating engine\" nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter authentisierter Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T026604",
"5930",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00",
"title": "CVE-2019-10909"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In Drupal existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden in der \"PHP templating engine\" nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter authentisierter Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T026604",
"5930",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-10910",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Drupal aufgrund fehlender Validierung von Benutzereingaben bez\u00fcglich des Wertes \"Service-ID\". Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T026604",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00",
"title": "CVE-2019-10910"
},
{
"cve": "CVE-2019-10911",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Drupal aufgrund von Fehlern bei der G\u00fcltigkeitspr\u00fcfung des \"remember me cookie\". Ein Angreifer kann dies ausnutzen, indem er ein bestehendes Cookie \u00e4ndert, um sich als ein anderer Benutzer zu authentifizieren. Dies funktioniert, wenn der andere Benutzer den gleichen Passwort-Hash hat oder wenn die Passwort-\u00dcberpr\u00fcfung extern durchgef\u00fchrt wird."
}
],
"product_status": {
"known_affected": [
"T026604",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00",
"title": "CVE-2019-10911"
},
{
"notes": [
{
"category": "description",
"text": "Es gibt eine Schwachstelle in Drupal in der Komponente \"jQuery\". Ein unbeabsichtigtes Verhalten in \"jQuery.extend(true, {}, ....)\" erm\u00f6glicht einem Angreifer das Modifizieren von Objekten."
}
],
"product_status": {
"known_affected": [
"T026604",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00"
},
{
"notes": [
{
"category": "description",
"text": "Es gibt eine Schwachstelle in Drupal im Modul \"Stage File Proxy\", wenn die Option \"Hot Link\" deaktiviert ist (Standard). Angeforderte URLs werden nicht ausreichend validiert. Durch wiederholtes Senden von Anfragen f\u00fcr nicht vorhandene Dateien kann ein Angreifer einen Denial of Service Zustand ausl\u00f6sen."
}
],
"product_status": {
"known_affected": [
"T026604",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00"
},
{
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Drupal im Modul \"TableField\" aufgrund einer unzureichenden Validierung serialisierter Daten. Dies erm\u00f6glicht einem Angreifer, Objekte zu injizieren, um beliebigen Code auszuf\u00fchren. F\u00fcr eine erfolgreiche Ausnutzung ben\u00f6tigt der Angreifer die Berechtigung \"export tablefield\"."
}
],
"product_status": {
"known_affected": [
"T026604",
"T028897",
"T036127",
"T004914"
]
},
"release_date": "2019-04-17T22:00:00.000+00:00"
}
]
}
WID-SEC-W-2023-0239
Vulnerability from csaf_certbund - Published: 2023-01-31 23:00 - Updated: 2025-06-24 22:00Summary
Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuführen, ein Cross-Site-Scritping-Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0239 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0239.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0239 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0552 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0553 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0554 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0556 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0560 vom 2023-02-08",
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0713 vom 2023-02-09",
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "F5 Security Advisory K48382137 vom 2023-04-21",
"url": "https://my.f5.com/manage/s/article/K48382137"
},
{
"category": "external",
"summary": "F5 Security Advisory K05380109 vom 2023-04-20",
"url": "https://my.f5.com/manage/s/article/K05380109"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3223 vom 2023-05-18",
"url": "https://access.redhat.com/errata/RHSA-2023:3223"
},
{
"category": "external",
"summary": "Hitachi Software Vulnerability Information hitachi-sec-2023-116 vom 2023-05-23",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-116/index.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05",
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-143 vom 2023-10-03",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-143/index.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-409 vom 2023-12-23",
"url": "https://www.dell.com/support/kbdoc/000220669/dsa-2023-="
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1027 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2024:1027"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1746 vom 2025-02-24",
"url": "https://access.redhat.com/errata/RHSA-2025:1746"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1747 vom 2025-02-24",
"url": "https://access.redhat.com/errata/RHSA-2025:1747"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4437 vom 2025-05-05",
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9583 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9583"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9582 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9582"
}
],
"source_lang": "en-US",
"title": "Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-24T22:00:00.000+00:00",
"generator": {
"date": "2025-06-25T11:35:50.369+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2023-0239",
"initial_release_date": "2023-01-31T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-31T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-08T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-09T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-01T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-04-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-22T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-12-26T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-02-28T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-23T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-04T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "14"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003cCommon Services 10.9.3-00",
"product": {
"name": "Hitachi Ops Center \u003cCommon Services 10.9.3-00",
"product_id": "T030195"
}
},
{
"category": "product_version",
"name": "Common Services 10.9.3-00",
"product": {
"name": "Hitachi Ops Center Common Services 10.9.3-00",
"product_id": "T030195-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:common_services_10.9.3-00"
}
}
}
],
"category": "product_name",
"name": "Ops Center"
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Streams \u003c2.4.0",
"product": {
"name": "Red Hat JBoss A-MQ Streams \u003c2.4.0",
"product_id": "T027764"
}
},
{
"category": "product_version",
"name": "Streams 2.4.0",
"product": {
"name": "Red Hat JBoss A-MQ Streams 2.4.0",
"product_id": "T027764-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:streams_2.4.0"
}
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.4.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.4.9",
"product_id": "T026073"
}
},
{
"category": "product_version",
"name": "7.4.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.4.9",
"product_id": "T026073-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.3.12",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.3.12",
"product_id": "T041369"
}
},
{
"category": "product_version",
"name": "7.3.12",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.3.12",
"product_id": "T041369-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.1.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.1.9",
"product_id": "T041370"
}
},
{
"category": "product_version",
"name": "7.1.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.1.9",
"product_id": "T041370-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.3.13",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.3.13",
"product_id": "T043288"
}
},
{
"category": "product_version",
"name": "7.3.13",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.3.13",
"product_id": "T043288-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.13"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "container platform 4.0.51",
"product": {
"name": "Red Hat OpenShift container platform 4.0.51",
"product_id": "T026183",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.0.51"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-10735",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2016-10735"
},
{
"cve": "CVE-2017-18214",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2017-18214"
},
{
"cve": "CVE-2018-14040",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2018-14041",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-14042",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2019-11358",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-8331",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2020-11022",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2022-3143",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-3143"
},
{
"cve": "CVE-2022-40149",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40149"
},
{
"cve": "CVE-2022-40150",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40150"
},
{
"cve": "CVE-2022-40152",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-42003",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-45047",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-45047"
},
{
"cve": "CVE-2022-45693",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2022-46364",
"product_status": {
"known_affected": [
"T026183",
"T026073",
"T041370",
"67646",
"T001663",
"T027764",
"T041369",
"T030195",
"T017562",
"T043288"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-46364"
}
]
}
WID-SEC-W-2022-1947
Vulnerability from csaf_certbund - Published: 2019-06-11 22:00 - Updated: 2023-10-15 22:00Summary
Red Hat Single Sign On: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Single Sign-On ist ein eigenständiger Server, basierend auf dem Keycloak Projekt.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Red Hat Single Sign On ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, einen Denial of Service Zustand hervorzurufen, Informationen auszuspähen, Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Single Sign-On ist ein eigenst\u00e4ndiger Server, basierend auf dem Keycloak Projekt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Single Sign On ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, einen Denial of Service Zustand hervorzurufen, Informationen auszusp\u00e4hen, Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1947 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2022-1947.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1947 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1947"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5693 vom 2023-10-16",
"url": "https://access.redhat.com/errata/RHSA-2023:5693"
},
{
"category": "external",
"summary": "Red Hat Security Advisory: RHSA-2019:1456 vom 2019-06-11",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2439 vom 2019-08-12",
"url": "https://access.redhat.com/errata/RHSA-2019:2439"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0132 vom 2020-01-16",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0133 vom 2020-01-16",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2587 vom 2019-09-05",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3023 vom 2019-10-10",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3024 vom 2019-10-10",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"category": "external",
"summary": "PoC Collection \"awesome-cve-poc\" vom 2019-11-05",
"url": "https://github.com/qazbnm456/awesome-cve-poc"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:1325 vom 2020-04-06",
"url": "https://access.redhat.com/errata/RHSA-2020:1325"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:2412 vom 2020-07-13",
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3247 vom 2020-08-04",
"url": "https://access.redhat.com/errata/RHSA-2020:3247"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3936 vom 2020-09-29",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4670 vom 2020-11-04",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4847 vom 2020-11-04",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5581 vom 2020-12-16",
"url": "https://access.redhat.com/errata/RHSA-2020:5581"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5571 vom 2020-12-16",
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7343 vom 2022-11-02",
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8848 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8848"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8865 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8865"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-1905 vom 2023-01-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1905.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Single Sign On: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:37:29.362+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1947",
"initial_release_date": "2019-06-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-06-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-08-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-09-04T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-10-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-11-05T23:00:00.000+00:00",
"number": "5",
"summary": "Exploit aufgenommen"
},
{
"date": "2020-01-16T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-04-05T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-07-13T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-08-04T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-09-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-11-03T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-12-16T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-02T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-07T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-01-23T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat Single Sign On 7.3",
"product": {
"name": "Red Hat Single Sign On 7.3",
"product_id": "T014361",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:single_sign_on:7.3"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2016-10735"
},
{
"cve": "CVE-2018-14041",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2019-3872",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3872"
},
{
"cve": "CVE-2019-3873",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3873"
},
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2019-3888",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert dadurch, dass der Undertow Web Server die Anmeldeinformation in Klartext in Log-Daten schreibt. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um diese Anmeldeinformationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3888"
},
{
"cve": "CVE-2019-3875",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer unzureichenden Sperrpr\u00fcfung bei der Validierung von X.509-Zertifikaten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3875"
},
{
"cve": "CVE-2019-10157",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer fehlenden Validierung von Zertifikaten, in dessen Folge der Benutzer ausgeloggt wird und sich nicht mehr einloggen kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-10157"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert in der Komponente jQuery, welche anf\u00e4llig f\u00fcr einen prototype-pollution-Angriff ist. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder beliebigen Programmcode auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-11358"
}
]
}
WID-SEC-W-2024-1872
Vulnerability from csaf_certbund - Published: 2021-07-25 22:00 - Updated: 2024-08-15 22:00Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszulösen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1872 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2024-1872.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1872 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1872"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2021-07-25",
"url": "https://www.ibm.com/support/pages/node/6474847"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2021-07-25",
"url": "https://www.ibm.com/support/pages/node/6474843"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7165686 vom 2024-08-16",
"url": "https://www.ibm.com/support/pages/node/7165686"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-16T10:07:42.475+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1872",
"initial_release_date": "2021-07-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-07-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.4.3 Patch 1",
"product": {
"name": "IBM QRadar SIEM \u003c7.4.3 Patch 1",
"product_id": "T019825"
}
},
{
"category": "product_version_range",
"name": "\u003c7.3.3 Patch 9",
"product": {
"name": "IBM QRadar SIEM \u003c7.3.3 Patch 9",
"product_id": "T019964"
}
},
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-20337",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in IBM QRadar SIEM. Der Fehler besteht aufgrund der Verwendung eines schwachen kryptografischen Algorithmus. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2021-20337"
},
{
"cve": "CVE-2015-9251",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2020-11022",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2020-11987",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2020-11987"
},
{
"cve": "CVE-2020-13954",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2020-13954"
},
{
"cve": "CVE-2020-13956",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2020-8908",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2020-8908"
},
{
"cve": "CVE-2021-28657",
"notes": [
{
"category": "description",
"text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Guava, Apache XML Graphics Batik, Apache HttpClient, Apache CXF, jQuery und Apache Tika. Ein entfernter anonymer oder authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren, einen Denial-of-Service-Zustand auszul\u00f6sen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022954"
]
},
"release_date": "2021-07-25T22:00:00.000+00:00",
"title": "CVE-2021-28657"
}
]
}
OPENSUSE-SU-2024:0231-1
Vulnerability from csaf_opensuse - Published: 2024-08-02 10:51 - Updated: 2024-08-02 10:51Summary
Security update for python-notebook
Notes
Title of the patch
Security update for python-notebook
Description of the patch
This update for python-notebook fixes the following issues:
- Update to 5.7.11
* sanitizer fix CVE-2021-32798 (boo#1227583)
- Update to 5.7.10
* no upstream changelog
- Update to 5.7.9
* Update JQuery dependency to version 3.4.1 to fix security
vulnerability (CVE-2019-11358)
* Update from preact to React
Patchnames
openSUSE-2024-231
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-notebook",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-notebook fixes the following issues:\n\n- Update to 5.7.11\n * sanitizer fix CVE-2021-32798 (boo#1227583)\n- Update to 5.7.10\n * no upstream changelog\n- Update to 5.7.9\n * Update JQuery dependency to version 3.4.1 to fix security\n vulnerability (CVE-2019-11358)\n * Update from preact to React \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2024-231",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_0231-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2024:0231-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MGXYA34Z6RRQFK6OU2VOIH22CODOT5ES/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2024:0231-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MGXYA34Z6RRQFK6OU2VOIH22CODOT5ES/"
},
{
"category": "self",
"summary": "SUSE Bug 1227583",
"url": "https://bugzilla.suse.com/1227583"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32798 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32798/"
}
],
"title": "Security update for python-notebook",
"tracking": {
"current_release_date": "2024-08-02T10:51:39Z",
"generator": {
"date": "2024-08-02T10:51:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:0231-1",
"initial_release_date": "2024-08-02T10:51:39Z",
"revision_history": [
{
"date": "2024-08-02T10:51:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"product": {
"name": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"product_id": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"product": {
"name": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"product_id": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"product": {
"name": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"product_id": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"product": {
"name": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"product_id": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-notebook-5.7.11-bp156.4.3.1.noarch",
"product": {
"name": "python3-notebook-5.7.11-bp156.4.3.1.noarch",
"product_id": "python3-notebook-5.7.11-bp156.4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"product": {
"name": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"product_id": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP6",
"product": {
"name": "SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-notebook-5.7.11-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "python3-notebook-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-notebook-5.7.11-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "python3-notebook-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
},
"product_reference": "python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-02T10:51:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2021-32798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32798"
}
],
"notes": [
{
"category": "general",
"text": "The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim opens a malicious ipynb document in Jupyter Notebook. The XSS allows an attacker to execute arbitrary code on the victim computer using Jupyter APIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32798",
"url": "https://www.suse.com/security/cve/CVE-2021-32798"
},
{
"category": "external",
"summary": "SUSE Bug 1227583 for CVE-2021-32798",
"url": "https://bugzilla.suse.com/1227583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-5.7.11-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:python3-notebook-lang-5.7.11-bp156.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-02T10:51:39Z",
"details": "critical"
}
],
"title": "CVE-2021-32798"
}
]
}
OPENSUSE-SU-2024:11242-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
jupyter-notebook-6.2.0-1.4 on GA media
Notes
Title of the patch
jupyter-notebook-6.2.0-1.4 on GA media
Description of the patch
These are all security issues fixed in the jupyter-notebook-6.2.0-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11242
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "jupyter-notebook-6.2.0-1.4 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the jupyter-notebook-6.2.0-1.4 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11242",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11242-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6524 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9971 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14041 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8768 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10255 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
}
],
"title": "jupyter-notebook-6.2.0-1.4 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11242-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.aarch64",
"product_id": "jupyter-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.aarch64",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.aarch64",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "python36-notebook-6.2.0-1.4.aarch64",
"product_id": "python36-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "python36-notebook-lang-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "python38-notebook-6.2.0-1.4.aarch64",
"product_id": "python38-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "python38-notebook-lang-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "python39-notebook-6.2.0-1.4.aarch64",
"product_id": "python39-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "python39-notebook-lang-6.2.0-1.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.ppc64le",
"product_id": "jupyter-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "python36-notebook-6.2.0-1.4.ppc64le",
"product_id": "python36-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "python36-notebook-lang-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "python38-notebook-6.2.0-1.4.ppc64le",
"product_id": "python38-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "python38-notebook-lang-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "python39-notebook-6.2.0-1.4.ppc64le",
"product_id": "python39-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "python39-notebook-lang-6.2.0-1.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.s390x",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.s390x",
"product_id": "jupyter-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.s390x",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.s390x",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.s390x",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.s390x",
"product": {
"name": "python36-notebook-6.2.0-1.4.s390x",
"product_id": "python36-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.s390x",
"product_id": "python36-notebook-lang-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.s390x",
"product": {
"name": "python38-notebook-6.2.0-1.4.s390x",
"product_id": "python38-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.s390x",
"product_id": "python38-notebook-lang-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.s390x",
"product": {
"name": "python39-notebook-6.2.0-1.4.s390x",
"product_id": "python39-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.s390x",
"product_id": "python39-notebook-lang-6.2.0-1.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.x86_64",
"product_id": "jupyter-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.x86_64",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.x86_64",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "python36-notebook-6.2.0-1.4.x86_64",
"product_id": "python36-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "python36-notebook-lang-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "python38-notebook-6.2.0-1.4.x86_64",
"product_id": "python38-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "python38-notebook-lang-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "python39-notebook-6.2.0-1.4.x86_64",
"product_id": "python39-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "python39-notebook-lang-6.2.0-1.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "python36-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "python36-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x"
},
"product_reference": "python36-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "python36-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "python38-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "python38-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x"
},
"product_reference": "python38-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "python38-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "python39-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "python39-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x"
},
"product_reference": "python39-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "python39-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-6524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6524"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6524",
"url": "https://www.suse.com/security/cve/CVE-2016-6524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-6524"
},
{
"cve": "CVE-2016-9971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9971"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9971",
"url": "https://www.suse.com/security/cve/CVE-2016-9971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9971"
},
{
"cve": "CVE-2018-14041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14041"
}
],
"notes": [
{
"category": "general",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14041",
"url": "https://www.suse.com/security/cve/CVE-2018-14041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-8768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8768"
}
],
"notes": [
{
"category": "general",
"text": "In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is \u0027fixed\u0027 by jQuery after sanitization, making it dangerous.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8768",
"url": "https://www.suse.com/security/cve/CVE-2018-8768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-8768"
},
{
"cve": "CVE-2019-10255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10255"
}
],
"notes": [
{
"category": "general",
"text": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10255",
"url": "https://www.suse.com/security/cve/CVE-2019-10255"
},
{
"category": "external",
"summary": "SUSE Bug 1131105 for CVE-2019-10255",
"url": "https://bugzilla.suse.com/1131105"
},
{
"category": "external",
"summary": "SUSE Bug 1131652 for CVE-2019-10255",
"url": "https://bugzilla.suse.com/1131652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-10255"
},
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
}
]
}
OPENSUSE-SU-2026:10005-1
Vulnerability from csaf_opensuse - Published: 2026-01-03 00:00 - Updated: 2026-01-03 00:00Summary
python312-Django6-6.0-1.1 on GA media
Notes
Title of the patch
python312-Django6-6.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the python312-Django6-6.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2026-10005
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python312-Django6-6.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python312-Django6-6.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10005",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10005-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5145 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5963 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7401 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12794 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7233 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7234 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16984 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6188 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7536 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7537 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12308 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19118 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19844 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6975 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13254 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13596 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24583 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24584 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7471 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9402 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-31542 page",
"url": "https://www.suse.com/security/cve/CVE-2021-31542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32052 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35042 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-45115 page",
"url": "https://www.suse.com/security/cve/CVE-2021-45115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-45452 page",
"url": "https://www.suse.com/security/cve/CVE-2021-45452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-22818 page",
"url": "https://www.suse.com/security/cve/CVE-2022-22818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23833 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28346 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28346/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28347 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34265 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36359 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41323 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23969 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24580 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31047 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-36053 page",
"url": "https://www.suse.com/security/cve/CVE-2023-36053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-41164 page",
"url": "https://www.suse.com/security/cve/CVE-2023-41164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-43665 page",
"url": "https://www.suse.com/security/cve/CVE-2023-43665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27351 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39329 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39329/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39330 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45230 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45231 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56374 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13372 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26699 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27556 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48432 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-57833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-57833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64460 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64460/"
}
],
"title": "python312-Django6-6.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-01-03T00:00:00Z",
"generator": {
"date": "2026-01-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10005-1",
"initial_release_date": "2026-01-03T00:00:00Z",
"revision_history": [
{
"date": "2026-01-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python312-Django6-6.0-1.1.aarch64",
"product": {
"name": "python312-Django6-6.0-1.1.aarch64",
"product_id": "python312-Django6-6.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-Django6-6.0-1.1.aarch64",
"product": {
"name": "python313-Django6-6.0-1.1.aarch64",
"product_id": "python313-Django6-6.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python312-Django6-6.0-1.1.ppc64le",
"product": {
"name": "python312-Django6-6.0-1.1.ppc64le",
"product_id": "python312-Django6-6.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-Django6-6.0-1.1.ppc64le",
"product": {
"name": "python313-Django6-6.0-1.1.ppc64le",
"product_id": "python313-Django6-6.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python312-Django6-6.0-1.1.s390x",
"product": {
"name": "python312-Django6-6.0-1.1.s390x",
"product_id": "python312-Django6-6.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-Django6-6.0-1.1.s390x",
"product": {
"name": "python313-Django6-6.0-1.1.s390x",
"product_id": "python313-Django6-6.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python312-Django6-6.0-1.1.x86_64",
"product": {
"name": "python312-Django6-6.0-1.1.x86_64",
"product_id": "python312-Django6-6.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-Django6-6.0-1.1.x86_64",
"product": {
"name": "python313-Django6-6.0-1.1.x86_64",
"product_id": "python313-Django6-6.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django6-6.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64"
},
"product_reference": "python312-Django6-6.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django6-6.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le"
},
"product_reference": "python312-Django6-6.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django6-6.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x"
},
"product_reference": "python312-Django6-6.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django6-6.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64"
},
"product_reference": "python312-Django6-6.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Django6-6.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64"
},
"product_reference": "python313-Django6-6.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Django6-6.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le"
},
"product_reference": "python313-Django6-6.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Django6-6.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x"
},
"product_reference": "python313-Django6-6.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-Django6-6.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
},
"product_reference": "python313-Django6-6.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3982"
}
],
"notes": [
{
"category": "general",
"text": "The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3982",
"url": "https://www.suse.com/security/cve/CVE-2015-3982"
},
{
"category": "external",
"summary": "SUSE Bug 932265 for CVE-2015-3982",
"url": "https://bugzilla.suse.com/932265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3982"
},
{
"cve": "CVE-2015-5145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5145"
}
],
"notes": [
{
"category": "general",
"text": "validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5145",
"url": "https://www.suse.com/security/cve/CVE-2015-5145"
},
{
"category": "external",
"summary": "SUSE Bug 937524 for CVE-2015-5145",
"url": "https://bugzilla.suse.com/937524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5145"
},
{
"cve": "CVE-2015-5963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5963"
}
],
"notes": [
{
"category": "general",
"text": "contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5963",
"url": "https://www.suse.com/security/cve/CVE-2015-5963"
},
{
"category": "external",
"summary": "SUSE Bug 941587 for CVE-2015-5963",
"url": "https://bugzilla.suse.com/941587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-5963"
},
{
"cve": "CVE-2016-7401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7401"
}
],
"notes": [
{
"category": "general",
"text": "The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7401",
"url": "https://www.suse.com/security/cve/CVE-2016-7401"
},
{
"category": "external",
"summary": "SUSE Bug 1001374 for CVE-2016-7401",
"url": "https://bugzilla.suse.com/1001374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7401"
},
{
"cve": "CVE-2017-12794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12794"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn\u0027t affect most production sites since you shouldn\u0027t run with \"DEBUG = True\" (which makes this page accessible) in your production settings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12794",
"url": "https://www.suse.com/security/cve/CVE-2017-12794"
},
{
"category": "external",
"summary": "SUSE Bug 1056284 for CVE-2017-12794",
"url": "https://bugzilla.suse.com/1056284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-12794"
},
{
"cve": "CVE-2017-7233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7233"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7233",
"url": "https://www.suse.com/security/cve/CVE-2017-7233"
},
{
"category": "external",
"summary": "SUSE Bug 1031450 for CVE-2017-7233",
"url": "https://bugzilla.suse.com/1031450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7233"
},
{
"cve": "CVE-2017-7234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7234"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7234",
"url": "https://www.suse.com/security/cve/CVE-2017-7234"
},
{
"category": "external",
"summary": "SUSE Bug 1031451 for CVE-2017-7234",
"url": "https://bugzilla.suse.com/1031451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7234"
},
{
"cve": "CVE-2018-16984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16984"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the \"view\" permission (new in Django 2.1), resulting in display of the entire password hash to those users. This may result in a vulnerability for sites with legacy user accounts using insecure hashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16984",
"url": "https://www.suse.com/security/cve/CVE-2018-16984"
},
{
"category": "external",
"summary": "SUSE Bug 1109621 for CVE-2018-16984",
"url": "https://bugzilla.suse.com/1109621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16984"
},
{
"cve": "CVE-2018-6188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6188"
}
],
"notes": [
{
"category": "general",
"text": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6188",
"url": "https://www.suse.com/security/cve/CVE-2018-6188"
},
{
"category": "external",
"summary": "SUSE Bug 1077714 for CVE-2018-6188",
"url": "https://bugzilla.suse.com/1077714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-6188"
},
{
"cve": "CVE-2018-7536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7536"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7536",
"url": "https://www.suse.com/security/cve/CVE-2018-7536"
},
{
"category": "external",
"summary": "SUSE Bug 1083304 for CVE-2018-7536",
"url": "https://bugzilla.suse.com/1083304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7536"
},
{
"cve": "CVE-2018-7537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7537"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7537",
"url": "https://www.suse.com/security/cve/CVE-2018-7537"
},
{
"category": "external",
"summary": "SUSE Bug 1083305 for CVE-2018-7537",
"url": "https://bugzilla.suse.com/1083305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7537"
},
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-12308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12308"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12308",
"url": "https://www.suse.com/security/cve/CVE-2019-12308"
},
{
"category": "external",
"summary": "SUSE Bug 1136468 for CVE-2019-12308",
"url": "https://bugzilla.suse.com/1136468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12308"
},
{
"cve": "CVE-2019-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12781"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12781",
"url": "https://www.suse.com/security/cve/CVE-2019-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12781"
},
{
"cve": "CVE-2019-14232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14232"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14232",
"url": "https://www.suse.com/security/cve/CVE-2019-14232"
},
{
"category": "external",
"summary": "SUSE Bug 1142880 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-14232"
},
{
"cve": "CVE-2019-19118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19118"
}
],
"notes": [
{
"category": "general",
"text": "Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model\u0027s save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19118",
"url": "https://www.suse.com/security/cve/CVE-2019-19118"
},
{
"category": "external",
"summary": "SUSE Bug 1157705 for CVE-2019-19118",
"url": "https://bugzilla.suse.com/1157705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19118"
},
{
"cve": "CVE-2019-19844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19844"
}
],
"notes": [
{
"category": "general",
"text": "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user\u0027s email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19844",
"url": "https://www.suse.com/security/cve/CVE-2019-19844"
},
{
"category": "external",
"summary": "SUSE Bug 1159447 for CVE-2019-19844",
"url": "https://bugzilla.suse.com/1159447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19844"
},
{
"cve": "CVE-2019-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3498"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3498",
"url": "https://www.suse.com/security/cve/CVE-2019-3498"
},
{
"category": "external",
"summary": "SUSE Bug 1120932 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1120932"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-3498"
},
{
"cve": "CVE-2019-6975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6975"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6975",
"url": "https://www.suse.com/security/cve/CVE-2019-6975"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6975"
},
{
"cve": "CVE-2020-13254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13254",
"url": "https://www.suse.com/security/cve/CVE-2020-13254"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13254"
},
{
"cve": "CVE-2020-13596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13596"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13596",
"url": "https://www.suse.com/security/cve/CVE-2020-13596"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13596"
},
{
"cve": "CVE-2020-24583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24583"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24583",
"url": "https://www.suse.com/security/cve/CVE-2020-24583"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24583",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24583"
},
{
"cve": "CVE-2020-24584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24584"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system\u0027s standard umask rather than 0o077.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24584",
"url": "https://www.suse.com/security/cve/CVE-2020-24584"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24584",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24584"
},
{
"cve": "CVE-2020-7471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7471"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7471",
"url": "https://www.suse.com/security/cve/CVE-2020-7471"
},
{
"category": "external",
"summary": "SUSE Bug 1161919 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161919"
},
{
"category": "external",
"summary": "SUSE Bug 1161920 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-7471"
},
{
"cve": "CVE-2020-9402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9402"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9402",
"url": "https://www.suse.com/security/cve/CVE-2020-9402"
},
{
"category": "external",
"summary": "SUSE Bug 1165022 for CVE-2020-9402",
"url": "https://bugzilla.suse.com/1165022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-9402"
},
{
"cve": "CVE-2021-31542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-31542"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-31542",
"url": "https://www.suse.com/security/cve/CVE-2021-31542"
},
{
"category": "external",
"summary": "SUSE Bug 1185623 for CVE-2021-31542",
"url": "https://bugzilla.suse.com/1185623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-31542"
},
{
"cve": "CVE-2021-32052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32052"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32052",
"url": "https://www.suse.com/security/cve/CVE-2021-32052"
},
{
"category": "external",
"summary": "SUSE Bug 1185713 for CVE-2021-32052",
"url": "https://bugzilla.suse.com/1185713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-32052"
},
{
"cve": "CVE-2021-33203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33203"
}
],
"notes": [
{
"category": "general",
"text": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33203",
"url": "https://www.suse.com/security/cve/CVE-2021-33203"
},
{
"category": "external",
"summary": "SUSE Bug 1186608 for CVE-2021-33203",
"url": "https://bugzilla.suse.com/1186608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33203"
},
{
"cve": "CVE-2021-33571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33571"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33571",
"url": "https://www.suse.com/security/cve/CVE-2021-33571"
},
{
"category": "external",
"summary": "SUSE Bug 1186611 for CVE-2021-33571",
"url": "https://bugzilla.suse.com/1186611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-33571"
},
{
"cve": "CVE-2021-35042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35042"
}
],
"notes": [
{
"category": "general",
"text": "Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35042",
"url": "https://www.suse.com/security/cve/CVE-2021-35042"
},
{
"category": "external",
"summary": "SUSE Bug 1187785 for CVE-2021-35042",
"url": "https://bugzilla.suse.com/1187785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2021-35042"
},
{
"cve": "CVE-2021-45115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-45115"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-45115",
"url": "https://www.suse.com/security/cve/CVE-2021-45115"
},
{
"category": "external",
"summary": "SUSE Bug 1194115 for CVE-2021-45115",
"url": "https://bugzilla.suse.com/1194115"
},
{
"category": "external",
"summary": "SUSE Bug 1194117 for CVE-2021-45115",
"url": "https://bugzilla.suse.com/1194117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-45115"
},
{
"cve": "CVE-2021-45452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-45452"
}
],
"notes": [
{
"category": "general",
"text": "Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-45452",
"url": "https://www.suse.com/security/cve/CVE-2021-45452"
},
{
"category": "external",
"summary": "SUSE Bug 1194116 for CVE-2021-45452",
"url": "https://bugzilla.suse.com/1194116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-45452"
},
{
"cve": "CVE-2022-22818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-22818"
}
],
"notes": [
{
"category": "general",
"text": "The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-22818",
"url": "https://www.suse.com/security/cve/CVE-2022-22818"
},
{
"category": "external",
"summary": "SUSE Bug 1195086 for CVE-2022-22818",
"url": "https://bugzilla.suse.com/1195086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-23833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23833"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23833",
"url": "https://www.suse.com/security/cve/CVE-2022-23833"
},
{
"category": "external",
"summary": "SUSE Bug 1195088 for CVE-2022-23833",
"url": "https://bugzilla.suse.com/1195088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-28346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28346"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28346",
"url": "https://www.suse.com/security/cve/CVE-2022-28346"
},
{
"category": "external",
"summary": "SUSE Bug 1198398 for CVE-2022-28346",
"url": "https://bugzilla.suse.com/1198398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-28346"
},
{
"cve": "CVE-2022-28347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28347"
}
],
"notes": [
{
"category": "general",
"text": "A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28347",
"url": "https://www.suse.com/security/cve/CVE-2022-28347"
},
{
"category": "external",
"summary": "SUSE Bug 1198399 for CVE-2022-28347",
"url": "https://bugzilla.suse.com/1198399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-28347"
},
{
"cve": "CVE-2022-34265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34265"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34265",
"url": "https://www.suse.com/security/cve/CVE-2022-34265"
},
{
"category": "external",
"summary": "SUSE Bug 1201186 for CVE-2022-34265",
"url": "https://bugzilla.suse.com/1201186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34265"
},
{
"cve": "CVE-2022-36359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36359"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36359",
"url": "https://www.suse.com/security/cve/CVE-2022-36359"
},
{
"category": "external",
"summary": "SUSE Bug 1201923 for CVE-2022-36359",
"url": "https://bugzilla.suse.com/1201923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-36359"
},
{
"cve": "CVE-2022-41323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41323"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41323",
"url": "https://www.suse.com/security/cve/CVE-2022-41323"
},
{
"category": "external",
"summary": "SUSE Bug 1203793 for CVE-2022-41323",
"url": "https://bugzilla.suse.com/1203793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41323"
},
{
"cve": "CVE-2023-23969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23969"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23969",
"url": "https://www.suse.com/security/cve/CVE-2023-23969"
},
{
"category": "external",
"summary": "SUSE Bug 1207565 for CVE-2023-23969",
"url": "https://bugzilla.suse.com/1207565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-23969"
},
{
"cve": "CVE-2023-24580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24580"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24580",
"url": "https://www.suse.com/security/cve/CVE-2023-24580"
},
{
"category": "external",
"summary": "SUSE Bug 1208082 for CVE-2023-24580",
"url": "https://bugzilla.suse.com/1208082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-24580"
},
{
"cve": "CVE-2023-31047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31047"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django\u0027s \"Uploading multiple files\" documentation suggested otherwise.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31047",
"url": "https://www.suse.com/security/cve/CVE-2023-31047"
},
{
"category": "external",
"summary": "SUSE Bug 1210866 for CVE-2023-31047",
"url": "https://bugzilla.suse.com/1210866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-31047"
},
{
"cve": "CVE-2023-36053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-36053"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-36053",
"url": "https://www.suse.com/security/cve/CVE-2023-36053"
},
{
"category": "external",
"summary": "SUSE Bug 1212742 for CVE-2023-36053",
"url": "https://bugzilla.suse.com/1212742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-36053"
},
{
"cve": "CVE-2023-41164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-41164"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-41164",
"url": "https://www.suse.com/security/cve/CVE-2023-41164"
},
{
"category": "external",
"summary": "SUSE Bug 1214667 for CVE-2023-41164",
"url": "https://bugzilla.suse.com/1214667"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-41164"
},
{
"cve": "CVE-2023-43665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-43665"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-43665",
"url": "https://www.suse.com/security/cve/CVE-2023-43665"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2023-43665",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2023-43665",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-43665"
},
{
"cve": "CVE-2024-24680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24680"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24680",
"url": "https://www.suse.com/security/cve/CVE-2024-24680"
},
{
"category": "external",
"summary": "SUSE Bug 1219683 for CVE-2024-24680",
"url": "https://bugzilla.suse.com/1219683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-24680"
},
{
"cve": "CVE-2024-27351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27351"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27351",
"url": "https://www.suse.com/security/cve/CVE-2024-27351"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2024-27351",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-27351"
},
{
"cve": "CVE-2024-38875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38875"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38875",
"url": "https://www.suse.com/security/cve/CVE-2024-38875"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-38875",
"url": "https://bugzilla.suse.com/1227590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-38875"
},
{
"cve": "CVE-2024-39329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39329"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39329",
"url": "https://www.suse.com/security/cve/CVE-2024-39329"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-39329",
"url": "https://bugzilla.suse.com/1227590"
},
{
"category": "external",
"summary": "SUSE Bug 1227593 for CVE-2024-39329",
"url": "https://bugzilla.suse.com/1227593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-39329"
},
{
"cve": "CVE-2024-39330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39330"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39330",
"url": "https://www.suse.com/security/cve/CVE-2024-39330"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-39330",
"url": "https://bugzilla.suse.com/1227590"
},
{
"category": "external",
"summary": "SUSE Bug 1227594 for CVE-2024-39330",
"url": "https://bugzilla.suse.com/1227594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-39330"
},
{
"cve": "CVE-2024-39614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39614"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39614",
"url": "https://www.suse.com/security/cve/CVE-2024-39614"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-39614",
"url": "https://bugzilla.suse.com/1227590"
},
{
"category": "external",
"summary": "SUSE Bug 1227595 for CVE-2024-39614",
"url": "https://bugzilla.suse.com/1227595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-39614"
},
{
"cve": "CVE-2024-41989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41989"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41989",
"url": "https://www.suse.com/security/cve/CVE-2024-41989"
},
{
"category": "external",
"summary": "SUSE Bug 1228629 for CVE-2024-41989",
"url": "https://bugzilla.suse.com/1228629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-41989"
},
{
"cve": "CVE-2024-41990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41990"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41990",
"url": "https://www.suse.com/security/cve/CVE-2024-41990"
},
{
"category": "external",
"summary": "SUSE Bug 1228630 for CVE-2024-41990",
"url": "https://bugzilla.suse.com/1228630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-41990"
},
{
"cve": "CVE-2024-41991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41991"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41991",
"url": "https://www.suse.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "SUSE Bug 1228631 for CVE-2024-41991",
"url": "https://bugzilla.suse.com/1228631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-41991"
},
{
"cve": "CVE-2024-42005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42005"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42005",
"url": "https://www.suse.com/security/cve/CVE-2024-42005"
},
{
"category": "external",
"summary": "SUSE Bug 1228632 for CVE-2024-42005",
"url": "https://bugzilla.suse.com/1228632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-42005"
},
{
"cve": "CVE-2024-45230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45230"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45230",
"url": "https://www.suse.com/security/cve/CVE-2024-45230"
},
{
"category": "external",
"summary": "SUSE Bug 1229823 for CVE-2024-45230",
"url": "https://bugzilla.suse.com/1229823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-45230"
},
{
"cve": "CVE-2024-45231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45231"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45231",
"url": "https://www.suse.com/security/cve/CVE-2024-45231"
},
{
"category": "external",
"summary": "SUSE Bug 1229824 for CVE-2024-45231",
"url": "https://bugzilla.suse.com/1229824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-45231"
},
{
"cve": "CVE-2024-53907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53907"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53907",
"url": "https://www.suse.com/security/cve/CVE-2024-53907"
},
{
"category": "external",
"summary": "SUSE Bug 1234232 for CVE-2024-53907",
"url": "https://bugzilla.suse.com/1234232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-53907"
},
{
"cve": "CVE-2024-53908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53908"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53908",
"url": "https://www.suse.com/security/cve/CVE-2024-53908"
},
{
"category": "external",
"summary": "SUSE Bug 1234231 for CVE-2024-53908",
"url": "https://bugzilla.suse.com/1234231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2024-53908"
},
{
"cve": "CVE-2024-56374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56374"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56374",
"url": "https://www.suse.com/security/cve/CVE-2024-56374"
},
{
"category": "external",
"summary": "SUSE Bug 1235856 for CVE-2024-56374",
"url": "https://bugzilla.suse.com/1235856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-56374"
},
{
"cve": "CVE-2025-13372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13372"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27.\n`FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Stackered for reporting this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13372",
"url": "https://www.suse.com/security/cve/CVE-2025-13372"
},
{
"category": "external",
"summary": "SUSE Bug 1254437 for CVE-2025-13372",
"url": "https://bugzilla.suse.com/1254437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-13372"
},
{
"cve": "CVE-2025-26699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26699"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26699",
"url": "https://www.suse.com/security/cve/CVE-2025-26699"
},
{
"category": "external",
"summary": "SUSE Bug 1239052 for CVE-2025-26699",
"url": "https://bugzilla.suse.com/1239052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-26699"
},
{
"cve": "CVE-2025-27556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27556"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27556",
"url": "https://www.suse.com/security/cve/CVE-2025-27556"
},
{
"category": "external",
"summary": "SUSE Bug 1240772 for CVE-2025-27556",
"url": "https://bugzilla.suse.com/1240772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-27556"
},
{
"cve": "CVE-2025-32873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32873"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32873",
"url": "https://www.suse.com/security/cve/CVE-2025-32873"
},
{
"category": "external",
"summary": "SUSE Bug 1242210 for CVE-2025-32873",
"url": "https://bugzilla.suse.com/1242210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-32873"
},
{
"cve": "CVE-2025-48432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48432"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48432",
"url": "https://www.suse.com/security/cve/CVE-2025-48432"
},
{
"category": "external",
"summary": "SUSE Bug 1244095 for CVE-2025-48432",
"url": "https://bugzilla.suse.com/1244095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-48432"
},
{
"cve": "CVE-2025-57833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-57833"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-57833",
"url": "https://www.suse.com/security/cve/CVE-2025-57833"
},
{
"category": "external",
"summary": "SUSE Bug 1248810 for CVE-2025-57833",
"url": "https://bugzilla.suse.com/1248810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-57833"
},
{
"cve": "CVE-2025-59681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59681"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59681",
"url": "https://www.suse.com/security/cve/CVE-2025-59681"
},
{
"category": "external",
"summary": "SUSE Bug 1250485 for CVE-2025-59681",
"url": "https://bugzilla.suse.com/1250485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-59681"
},
{
"cve": "CVE-2025-59682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59682"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the \"startapp --template\" and \"startproject --template\" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59682",
"url": "https://www.suse.com/security/cve/CVE-2025-59682"
},
{
"category": "external",
"summary": "SUSE Bug 1250487 for CVE-2025-59682",
"url": "https://bugzilla.suse.com/1250487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59682"
},
{
"cve": "CVE-2025-64459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64459"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.\nThe methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the `_connector` argument.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank cyberstan for reporting this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64459",
"url": "https://www.suse.com/security/cve/CVE-2025-64459"
},
{
"category": "external",
"summary": "SUSE Bug 1252926 for CVE-2025-64459",
"url": "https://bugzilla.suse.com/1252926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-64459"
},
{
"cve": "CVE-2025-64460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64460"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27.\nAlgorithmic complexity in `django.core.serializers.xml_serializer.getInnerText()` allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML input processed by the XML `Deserializer`.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Seokchan Yoon for reporting this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64460",
"url": "https://www.suse.com/security/cve/CVE-2025-64460"
},
{
"category": "external",
"summary": "SUSE Bug 1254437 for CVE-2025-64460",
"url": "https://bugzilla.suse.com/1254437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python312-Django6-6.0-1.1.x86_64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.aarch64",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.ppc64le",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.s390x",
"openSUSE Tumbleweed:python313-Django6-6.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-64460"
}
]
}
OPENSUSE-SU-2019:1872-1
Vulnerability from csaf_opensuse - Published: 2019-08-14 09:13 - Updated: 2019-08-14 09:13Summary
Security update for python-Django
Notes
Title of the patch
Security update for python-Django
Description of the patch
This update for python-Django fixes the following issues:
Security issues fixed:
- CVE-2019-11358: Fixed prototype pollution.
- CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)
- CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS (bsc#1139945).
- CVE-2019-14232: Fixed denial-of-service possibility in ``django.utils.text.Truncator`` (bsc#1142880).
- CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()`` (bsc#1142882).
- CVE-2019-14234: Fixed SQL injection possibility in key and index lookups for ``JSONField``/``HStoreField`` (bsc#1142883).
- CVE-2019-14235: Fixed potential memory exhaustion in ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).
Non-security issues fixed:
- Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type.
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patchnames
openSUSE-2019-1872
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-Django",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-Django fixes the following issues:\n\nSecurity issues fixed:\n\t \n- CVE-2019-11358: Fixed prototype pollution.\n- CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)\n- CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS (bsc#1139945).\n- CVE-2019-14232: Fixed denial-of-service possibility in ``django.utils.text.Truncator`` (bsc#1142880).\n- CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()`` (bsc#1142882).\n- CVE-2019-14234: Fixed SQL injection possibility in key and index lookups for ``JSONField``/``HStoreField`` (bsc#1142883).\n- CVE-2019-14235: Fixed potential memory exhaustion in ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\nNon-security issues fixed:\n\n- Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type.\n \nThis update was imported from the openSUSE:Leap:15.1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-1872",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1872-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:1872-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW/#5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:1872-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW/#5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW"
},
{
"category": "self",
"summary": "SUSE Bug 1136468",
"url": "https://bugzilla.suse.com/1136468"
},
{
"category": "self",
"summary": "SUSE Bug 1139945",
"url": "https://bugzilla.suse.com/1139945"
},
{
"category": "self",
"summary": "SUSE Bug 1142880",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "self",
"summary": "SUSE Bug 1142882",
"url": "https://bugzilla.suse.com/1142882"
},
{
"category": "self",
"summary": "SUSE Bug 1142883",
"url": "https://bugzilla.suse.com/1142883"
},
{
"category": "self",
"summary": "SUSE Bug 1142885",
"url": "https://bugzilla.suse.com/1142885"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12308 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14233 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14234 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14235 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14235/"
}
],
"title": "Security update for python-Django",
"tracking": {
"current_release_date": "2019-08-14T09:13:06Z",
"generator": {
"date": "2019-08-14T09:13:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:1872-1",
"initial_release_date": "2019-08-14T09:13:06Z",
"revision_history": [
{
"date": "2019-08-14T09:13:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-Django-2.2.4-bp151.3.3.1.noarch",
"product": {
"name": "python3-Django-2.2.4-bp151.3.3.1.noarch",
"product_id": "python3-Django-2.2.4-bp151.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Django-2.2.4-bp151.3.3.1.noarch as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
},
"product_reference": "python3-Django-2.2.4-bp151.3.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-12308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12308"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12308",
"url": "https://www.suse.com/security/cve/CVE-2019-12308"
},
{
"category": "external",
"summary": "SUSE Bug 1136468 for CVE-2019-12308",
"url": "https://bugzilla.suse.com/1136468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-12308"
},
{
"cve": "CVE-2019-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12781"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12781",
"url": "https://www.suse.com/security/cve/CVE-2019-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-12781"
},
{
"cve": "CVE-2019-14232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14232"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14232",
"url": "https://www.suse.com/security/cve/CVE-2019-14232"
},
{
"category": "external",
"summary": "SUSE Bug 1142880 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-14232"
},
{
"cve": "CVE-2019-14233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14233"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14233",
"url": "https://www.suse.com/security/cve/CVE-2019-14233"
},
{
"category": "external",
"summary": "SUSE Bug 1142882 for CVE-2019-14233",
"url": "https://bugzilla.suse.com/1142882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-14233"
},
{
"cve": "CVE-2019-14234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14234"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14234",
"url": "https://www.suse.com/security/cve/CVE-2019-14234"
},
{
"category": "external",
"summary": "SUSE Bug 1142883 for CVE-2019-14234",
"url": "https://bugzilla.suse.com/1142883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-14234"
},
{
"cve": "CVE-2019-14235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14235"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14235",
"url": "https://www.suse.com/security/cve/CVE-2019-14235"
},
{
"category": "external",
"summary": "SUSE Bug 1142885 for CVE-2019-14235",
"url": "https://bugzilla.suse.com/1142885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Package Hub 15 SP1:python3-Django-2.2.4-bp151.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-14T09:13:06Z",
"details": "moderate"
}
],
"title": "CVE-2019-14235"
}
]
}
OPENSUSE-SU-2019:1839-1
Vulnerability from csaf_opensuse - Published: 2019-08-08 15:57 - Updated: 2019-08-08 15:57Summary
Security update for python-Django
Notes
Title of the patch
Security update for python-Django
Description of the patch
This update for python-Django fixes the following issues:
Security issues fixed:
- CVE-2019-11358: Fixed prototype pollution.
- CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)
- CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS (bsc#1139945).
- CVE-2019-14232: Fixed denial-of-service possibility in ``django.utils.text.Truncator`` (bsc#1142880).
- CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()`` (bsc#1142882).
- CVE-2019-14234: Fixed SQL injection possibility in key and index lookups for ``JSONField``/``HStoreField`` (bsc#1142883).
- CVE-2019-14235: Fixed potential memory exhaustion in ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).
Non-security issues fixed:
- Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type.
Patchnames
openSUSE-2019-1839
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-Django",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-Django fixes the following issues:\n\nSecurity issues fixed:\n\t \n- CVE-2019-11358: Fixed prototype pollution.\n- CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)\n- CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS (bsc#1139945).\n- CVE-2019-14232: Fixed denial-of-service possibility in ``django.utils.text.Truncator`` (bsc#1142880).\n- CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()`` (bsc#1142882).\n- CVE-2019-14234: Fixed SQL injection possibility in key and index lookups for ``JSONField``/``HStoreField`` (bsc#1142883).\n- CVE-2019-14235: Fixed potential memory exhaustion in ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\nNon-security issues fixed:\n\n- Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type.\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-1839",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1839-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:1839-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ/#3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:1839-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ/#3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ"
},
{
"category": "self",
"summary": "SUSE Bug 1136468",
"url": "https://bugzilla.suse.com/1136468"
},
{
"category": "self",
"summary": "SUSE Bug 1139945",
"url": "https://bugzilla.suse.com/1139945"
},
{
"category": "self",
"summary": "SUSE Bug 1142880",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "self",
"summary": "SUSE Bug 1142882",
"url": "https://bugzilla.suse.com/1142882"
},
{
"category": "self",
"summary": "SUSE Bug 1142883",
"url": "https://bugzilla.suse.com/1142883"
},
{
"category": "self",
"summary": "SUSE Bug 1142885",
"url": "https://bugzilla.suse.com/1142885"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12308 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14233 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14234 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14235 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14235/"
}
],
"title": "Security update for python-Django",
"tracking": {
"current_release_date": "2019-08-08T15:57:07Z",
"generator": {
"date": "2019-08-08T15:57:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:1839-1",
"initial_release_date": "2019-08-08T15:57:07Z",
"revision_history": [
{
"date": "2019-08-08T15:57:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-Django-2.2.4-lp151.2.3.1.noarch",
"product": {
"name": "python3-Django-2.2.4-lp151.2.3.1.noarch",
"product_id": "python3-Django-2.2.4-lp151.2.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Django-2.2.4-lp151.2.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
},
"product_reference": "python3-Django-2.2.4-lp151.2.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-12308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12308"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12308",
"url": "https://www.suse.com/security/cve/CVE-2019-12308"
},
{
"category": "external",
"summary": "SUSE Bug 1136468 for CVE-2019-12308",
"url": "https://bugzilla.suse.com/1136468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-12308"
},
{
"cve": "CVE-2019-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12781"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12781",
"url": "https://www.suse.com/security/cve/CVE-2019-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-12781"
},
{
"cve": "CVE-2019-14232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14232"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14232",
"url": "https://www.suse.com/security/cve/CVE-2019-14232"
},
{
"category": "external",
"summary": "SUSE Bug 1142880 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-14232"
},
{
"cve": "CVE-2019-14233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14233"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14233",
"url": "https://www.suse.com/security/cve/CVE-2019-14233"
},
{
"category": "external",
"summary": "SUSE Bug 1142882 for CVE-2019-14233",
"url": "https://bugzilla.suse.com/1142882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-14233"
},
{
"cve": "CVE-2019-14234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14234"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14234",
"url": "https://www.suse.com/security/cve/CVE-2019-14234"
},
{
"category": "external",
"summary": "SUSE Bug 1142883 for CVE-2019-14234",
"url": "https://bugzilla.suse.com/1142883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-14234"
},
{
"cve": "CVE-2019-14235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14235"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14235",
"url": "https://www.suse.com/security/cve/CVE-2019-14235"
},
{
"category": "external",
"summary": "SUSE Bug 1142885 for CVE-2019-14235",
"url": "https://bugzilla.suse.com/1142885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:python3-Django-2.2.4-lp151.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-08T15:57:07Z",
"details": "moderate"
}
],
"title": "CVE-2019-14235"
}
]
}
OPENSUSE-SU-2024:11205-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
python36-Django-3.2.7-2.3 on GA media
Notes
Title of the patch
python36-Django-3.2.7-2.3 on GA media
Description of the patch
These are all security issues fixed in the python36-Django-3.2.7-2.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11205
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python36-Django-3.2.7-2.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python36-Django-3.2.7-2.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11205",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11205-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5145 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5963 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7401 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12794 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7233 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7234 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16984 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6188 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7536 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7537 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12308 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19118 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19844 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6975 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13254 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13596 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24583 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24584 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7471 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9402 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-31542 page",
"url": "https://www.suse.com/security/cve/CVE-2021-31542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32052 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35042 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35042/"
}
],
"title": "python36-Django-3.2.7-2.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11205-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python36-Django-3.2.7-2.3.aarch64",
"product": {
"name": "python36-Django-3.2.7-2.3.aarch64",
"product_id": "python36-Django-3.2.7-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "python38-Django-3.2.7-2.3.aarch64",
"product": {
"name": "python38-Django-3.2.7-2.3.aarch64",
"product_id": "python38-Django-3.2.7-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "python39-Django-3.2.7-2.3.aarch64",
"product": {
"name": "python39-Django-3.2.7-2.3.aarch64",
"product_id": "python39-Django-3.2.7-2.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python36-Django-3.2.7-2.3.ppc64le",
"product": {
"name": "python36-Django-3.2.7-2.3.ppc64le",
"product_id": "python36-Django-3.2.7-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "python38-Django-3.2.7-2.3.ppc64le",
"product": {
"name": "python38-Django-3.2.7-2.3.ppc64le",
"product_id": "python38-Django-3.2.7-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-Django-3.2.7-2.3.ppc64le",
"product": {
"name": "python39-Django-3.2.7-2.3.ppc64le",
"product_id": "python39-Django-3.2.7-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python36-Django-3.2.7-2.3.s390x",
"product": {
"name": "python36-Django-3.2.7-2.3.s390x",
"product_id": "python36-Django-3.2.7-2.3.s390x"
}
},
{
"category": "product_version",
"name": "python38-Django-3.2.7-2.3.s390x",
"product": {
"name": "python38-Django-3.2.7-2.3.s390x",
"product_id": "python38-Django-3.2.7-2.3.s390x"
}
},
{
"category": "product_version",
"name": "python39-Django-3.2.7-2.3.s390x",
"product": {
"name": "python39-Django-3.2.7-2.3.s390x",
"product_id": "python39-Django-3.2.7-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python36-Django-3.2.7-2.3.x86_64",
"product": {
"name": "python36-Django-3.2.7-2.3.x86_64",
"product_id": "python36-Django-3.2.7-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "python38-Django-3.2.7-2.3.x86_64",
"product": {
"name": "python38-Django-3.2.7-2.3.x86_64",
"product_id": "python38-Django-3.2.7-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "python39-Django-3.2.7-2.3.x86_64",
"product": {
"name": "python39-Django-3.2.7-2.3.x86_64",
"product_id": "python39-Django-3.2.7-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-Django-3.2.7-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64"
},
"product_reference": "python36-Django-3.2.7-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-Django-3.2.7-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le"
},
"product_reference": "python36-Django-3.2.7-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-Django-3.2.7-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x"
},
"product_reference": "python36-Django-3.2.7-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-Django-3.2.7-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64"
},
"product_reference": "python36-Django-3.2.7-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-Django-3.2.7-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64"
},
"product_reference": "python38-Django-3.2.7-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-Django-3.2.7-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le"
},
"product_reference": "python38-Django-3.2.7-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-Django-3.2.7-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x"
},
"product_reference": "python38-Django-3.2.7-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-Django-3.2.7-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64"
},
"product_reference": "python38-Django-3.2.7-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-Django-3.2.7-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64"
},
"product_reference": "python39-Django-3.2.7-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-Django-3.2.7-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le"
},
"product_reference": "python39-Django-3.2.7-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-Django-3.2.7-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x"
},
"product_reference": "python39-Django-3.2.7-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-Django-3.2.7-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
},
"product_reference": "python39-Django-3.2.7-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3982"
}
],
"notes": [
{
"category": "general",
"text": "The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3982",
"url": "https://www.suse.com/security/cve/CVE-2015-3982"
},
{
"category": "external",
"summary": "SUSE Bug 932265 for CVE-2015-3982",
"url": "https://bugzilla.suse.com/932265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3982"
},
{
"cve": "CVE-2015-5145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5145"
}
],
"notes": [
{
"category": "general",
"text": "validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5145",
"url": "https://www.suse.com/security/cve/CVE-2015-5145"
},
{
"category": "external",
"summary": "SUSE Bug 937524 for CVE-2015-5145",
"url": "https://bugzilla.suse.com/937524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5145"
},
{
"cve": "CVE-2015-5963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5963"
}
],
"notes": [
{
"category": "general",
"text": "contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5963",
"url": "https://www.suse.com/security/cve/CVE-2015-5963"
},
{
"category": "external",
"summary": "SUSE Bug 941587 for CVE-2015-5963",
"url": "https://bugzilla.suse.com/941587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-5963"
},
{
"cve": "CVE-2016-7401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7401"
}
],
"notes": [
{
"category": "general",
"text": "The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7401",
"url": "https://www.suse.com/security/cve/CVE-2016-7401"
},
{
"category": "external",
"summary": "SUSE Bug 1001374 for CVE-2016-7401",
"url": "https://bugzilla.suse.com/1001374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7401"
},
{
"cve": "CVE-2017-12794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12794"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn\u0027t affect most production sites since you shouldn\u0027t run with \"DEBUG = True\" (which makes this page accessible) in your production settings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12794",
"url": "https://www.suse.com/security/cve/CVE-2017-12794"
},
{
"category": "external",
"summary": "SUSE Bug 1056284 for CVE-2017-12794",
"url": "https://bugzilla.suse.com/1056284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-12794"
},
{
"cve": "CVE-2017-7233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7233"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7233",
"url": "https://www.suse.com/security/cve/CVE-2017-7233"
},
{
"category": "external",
"summary": "SUSE Bug 1031450 for CVE-2017-7233",
"url": "https://bugzilla.suse.com/1031450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7233"
},
{
"cve": "CVE-2017-7234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7234"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7234",
"url": "https://www.suse.com/security/cve/CVE-2017-7234"
},
{
"category": "external",
"summary": "SUSE Bug 1031451 for CVE-2017-7234",
"url": "https://bugzilla.suse.com/1031451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7234"
},
{
"cve": "CVE-2018-16984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16984"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the \"view\" permission (new in Django 2.1), resulting in display of the entire password hash to those users. This may result in a vulnerability for sites with legacy user accounts using insecure hashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16984",
"url": "https://www.suse.com/security/cve/CVE-2018-16984"
},
{
"category": "external",
"summary": "SUSE Bug 1109621 for CVE-2018-16984",
"url": "https://bugzilla.suse.com/1109621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16984"
},
{
"cve": "CVE-2018-6188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6188"
}
],
"notes": [
{
"category": "general",
"text": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6188",
"url": "https://www.suse.com/security/cve/CVE-2018-6188"
},
{
"category": "external",
"summary": "SUSE Bug 1077714 for CVE-2018-6188",
"url": "https://bugzilla.suse.com/1077714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-6188"
},
{
"cve": "CVE-2018-7536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7536"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7536",
"url": "https://www.suse.com/security/cve/CVE-2018-7536"
},
{
"category": "external",
"summary": "SUSE Bug 1083304 for CVE-2018-7536",
"url": "https://bugzilla.suse.com/1083304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7536"
},
{
"cve": "CVE-2018-7537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7537"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7537",
"url": "https://www.suse.com/security/cve/CVE-2018-7537"
},
{
"category": "external",
"summary": "SUSE Bug 1083305 for CVE-2018-7537",
"url": "https://bugzilla.suse.com/1083305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7537"
},
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-12308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12308"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12308",
"url": "https://www.suse.com/security/cve/CVE-2019-12308"
},
{
"category": "external",
"summary": "SUSE Bug 1136468 for CVE-2019-12308",
"url": "https://bugzilla.suse.com/1136468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12308"
},
{
"cve": "CVE-2019-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12781"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12781",
"url": "https://www.suse.com/security/cve/CVE-2019-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12781"
},
{
"cve": "CVE-2019-14232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14232"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14232",
"url": "https://www.suse.com/security/cve/CVE-2019-14232"
},
{
"category": "external",
"summary": "SUSE Bug 1142880 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-14232"
},
{
"cve": "CVE-2019-19118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19118"
}
],
"notes": [
{
"category": "general",
"text": "Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model\u0027s save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19118",
"url": "https://www.suse.com/security/cve/CVE-2019-19118"
},
{
"category": "external",
"summary": "SUSE Bug 1157705 for CVE-2019-19118",
"url": "https://bugzilla.suse.com/1157705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19118"
},
{
"cve": "CVE-2019-19844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19844"
}
],
"notes": [
{
"category": "general",
"text": "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user\u0027s email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19844",
"url": "https://www.suse.com/security/cve/CVE-2019-19844"
},
{
"category": "external",
"summary": "SUSE Bug 1159447 for CVE-2019-19844",
"url": "https://bugzilla.suse.com/1159447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19844"
},
{
"cve": "CVE-2019-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3498"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3498",
"url": "https://www.suse.com/security/cve/CVE-2019-3498"
},
{
"category": "external",
"summary": "SUSE Bug 1120932 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1120932"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-3498"
},
{
"cve": "CVE-2019-6975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6975"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6975",
"url": "https://www.suse.com/security/cve/CVE-2019-6975"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6975"
},
{
"cve": "CVE-2020-13254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13254",
"url": "https://www.suse.com/security/cve/CVE-2020-13254"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13254"
},
{
"cve": "CVE-2020-13596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13596"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13596",
"url": "https://www.suse.com/security/cve/CVE-2020-13596"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13596"
},
{
"cve": "CVE-2020-24583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24583"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24583",
"url": "https://www.suse.com/security/cve/CVE-2020-24583"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24583",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24583"
},
{
"cve": "CVE-2020-24584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24584"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system\u0027s standard umask rather than 0o077.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24584",
"url": "https://www.suse.com/security/cve/CVE-2020-24584"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24584",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24584"
},
{
"cve": "CVE-2020-7471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7471"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7471",
"url": "https://www.suse.com/security/cve/CVE-2020-7471"
},
{
"category": "external",
"summary": "SUSE Bug 1161919 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161919"
},
{
"category": "external",
"summary": "SUSE Bug 1161920 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-7471"
},
{
"cve": "CVE-2020-9402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9402"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9402",
"url": "https://www.suse.com/security/cve/CVE-2020-9402"
},
{
"category": "external",
"summary": "SUSE Bug 1165022 for CVE-2020-9402",
"url": "https://bugzilla.suse.com/1165022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-9402"
},
{
"cve": "CVE-2021-31542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-31542"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-31542",
"url": "https://www.suse.com/security/cve/CVE-2021-31542"
},
{
"category": "external",
"summary": "SUSE Bug 1185623 for CVE-2021-31542",
"url": "https://bugzilla.suse.com/1185623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-31542"
},
{
"cve": "CVE-2021-32052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32052"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32052",
"url": "https://www.suse.com/security/cve/CVE-2021-32052"
},
{
"category": "external",
"summary": "SUSE Bug 1185713 for CVE-2021-32052",
"url": "https://bugzilla.suse.com/1185713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-32052"
},
{
"cve": "CVE-2021-33203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33203"
}
],
"notes": [
{
"category": "general",
"text": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33203",
"url": "https://www.suse.com/security/cve/CVE-2021-33203"
},
{
"category": "external",
"summary": "SUSE Bug 1186608 for CVE-2021-33203",
"url": "https://bugzilla.suse.com/1186608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33203"
},
{
"cve": "CVE-2021-33571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33571"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33571",
"url": "https://www.suse.com/security/cve/CVE-2021-33571"
},
{
"category": "external",
"summary": "SUSE Bug 1186611 for CVE-2021-33571",
"url": "https://bugzilla.suse.com/1186611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-33571"
},
{
"cve": "CVE-2021-35042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35042"
}
],
"notes": [
{
"category": "general",
"text": "Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35042",
"url": "https://www.suse.com/security/cve/CVE-2021-35042"
},
{
"category": "external",
"summary": "SUSE Bug 1187785 for CVE-2021-35042",
"url": "https://bugzilla.suse.com/1187785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python36-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python38-Django-3.2.7-2.3.x86_64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.aarch64",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.ppc64le",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.s390x",
"openSUSE Tumbleweed:python39-Django-3.2.7-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2021-35042"
}
]
}
OPENSUSE-SU-2024:13887-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
python310-Django-4.2.11-2.1 on GA media
Notes
Title of the patch
python310-Django-4.2.11-2.1 on GA media
Description of the patch
These are all security issues fixed in the python310-Django-4.2.11-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13887
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python310-Django-4.2.11-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python310-Django-4.2.11-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13887",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13887-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5145 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5963 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7401 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12794 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7233 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7234 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16984 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6188 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7536 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7537 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12308 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19118 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19844 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6975 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13254 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13596 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24583 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24584 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7471 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9402 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-31542 page",
"url": "https://www.suse.com/security/cve/CVE-2021-31542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32052 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35042 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35042/"
}
],
"title": "python310-Django-4.2.11-2.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13887-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python310-Django-4.2.11-2.1.aarch64",
"product": {
"name": "python310-Django-4.2.11-2.1.aarch64",
"product_id": "python310-Django-4.2.11-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-Django-4.2.11-2.1.aarch64",
"product": {
"name": "python311-Django-4.2.11-2.1.aarch64",
"product_id": "python311-Django-4.2.11-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-Django-4.2.11-2.1.aarch64",
"product": {
"name": "python312-Django-4.2.11-2.1.aarch64",
"product_id": "python312-Django-4.2.11-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-Django-4.2.11-2.1.ppc64le",
"product": {
"name": "python310-Django-4.2.11-2.1.ppc64le",
"product_id": "python310-Django-4.2.11-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-Django-4.2.11-2.1.ppc64le",
"product": {
"name": "python311-Django-4.2.11-2.1.ppc64le",
"product_id": "python311-Django-4.2.11-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-Django-4.2.11-2.1.ppc64le",
"product": {
"name": "python312-Django-4.2.11-2.1.ppc64le",
"product_id": "python312-Django-4.2.11-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-Django-4.2.11-2.1.s390x",
"product": {
"name": "python310-Django-4.2.11-2.1.s390x",
"product_id": "python310-Django-4.2.11-2.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-Django-4.2.11-2.1.s390x",
"product": {
"name": "python311-Django-4.2.11-2.1.s390x",
"product_id": "python311-Django-4.2.11-2.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-Django-4.2.11-2.1.s390x",
"product": {
"name": "python312-Django-4.2.11-2.1.s390x",
"product_id": "python312-Django-4.2.11-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-Django-4.2.11-2.1.x86_64",
"product": {
"name": "python310-Django-4.2.11-2.1.x86_64",
"product_id": "python310-Django-4.2.11-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-Django-4.2.11-2.1.x86_64",
"product": {
"name": "python311-Django-4.2.11-2.1.x86_64",
"product_id": "python311-Django-4.2.11-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-Django-4.2.11-2.1.x86_64",
"product": {
"name": "python312-Django-4.2.11-2.1.x86_64",
"product_id": "python312-Django-4.2.11-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django-4.2.11-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64"
},
"product_reference": "python310-Django-4.2.11-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django-4.2.11-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le"
},
"product_reference": "python310-Django-4.2.11-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django-4.2.11-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x"
},
"product_reference": "python310-Django-4.2.11-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django-4.2.11-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64"
},
"product_reference": "python310-Django-4.2.11-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django-4.2.11-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64"
},
"product_reference": "python311-Django-4.2.11-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django-4.2.11-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le"
},
"product_reference": "python311-Django-4.2.11-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django-4.2.11-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x"
},
"product_reference": "python311-Django-4.2.11-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django-4.2.11-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64"
},
"product_reference": "python311-Django-4.2.11-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django-4.2.11-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64"
},
"product_reference": "python312-Django-4.2.11-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django-4.2.11-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le"
},
"product_reference": "python312-Django-4.2.11-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django-4.2.11-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x"
},
"product_reference": "python312-Django-4.2.11-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django-4.2.11-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
},
"product_reference": "python312-Django-4.2.11-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3982"
}
],
"notes": [
{
"category": "general",
"text": "The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3982",
"url": "https://www.suse.com/security/cve/CVE-2015-3982"
},
{
"category": "external",
"summary": "SUSE Bug 932265 for CVE-2015-3982",
"url": "https://bugzilla.suse.com/932265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3982"
},
{
"cve": "CVE-2015-5145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5145"
}
],
"notes": [
{
"category": "general",
"text": "validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5145",
"url": "https://www.suse.com/security/cve/CVE-2015-5145"
},
{
"category": "external",
"summary": "SUSE Bug 937524 for CVE-2015-5145",
"url": "https://bugzilla.suse.com/937524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5145"
},
{
"cve": "CVE-2015-5963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5963"
}
],
"notes": [
{
"category": "general",
"text": "contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5963",
"url": "https://www.suse.com/security/cve/CVE-2015-5963"
},
{
"category": "external",
"summary": "SUSE Bug 941587 for CVE-2015-5963",
"url": "https://bugzilla.suse.com/941587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-5963"
},
{
"cve": "CVE-2016-7401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7401"
}
],
"notes": [
{
"category": "general",
"text": "The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7401",
"url": "https://www.suse.com/security/cve/CVE-2016-7401"
},
{
"category": "external",
"summary": "SUSE Bug 1001374 for CVE-2016-7401",
"url": "https://bugzilla.suse.com/1001374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7401"
},
{
"cve": "CVE-2017-12794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12794"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn\u0027t affect most production sites since you shouldn\u0027t run with \"DEBUG = True\" (which makes this page accessible) in your production settings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12794",
"url": "https://www.suse.com/security/cve/CVE-2017-12794"
},
{
"category": "external",
"summary": "SUSE Bug 1056284 for CVE-2017-12794",
"url": "https://bugzilla.suse.com/1056284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-12794"
},
{
"cve": "CVE-2017-7233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7233"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7233",
"url": "https://www.suse.com/security/cve/CVE-2017-7233"
},
{
"category": "external",
"summary": "SUSE Bug 1031450 for CVE-2017-7233",
"url": "https://bugzilla.suse.com/1031450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7233"
},
{
"cve": "CVE-2017-7234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7234"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7234",
"url": "https://www.suse.com/security/cve/CVE-2017-7234"
},
{
"category": "external",
"summary": "SUSE Bug 1031451 for CVE-2017-7234",
"url": "https://bugzilla.suse.com/1031451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7234"
},
{
"cve": "CVE-2018-16984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16984"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the \"view\" permission (new in Django 2.1), resulting in display of the entire password hash to those users. This may result in a vulnerability for sites with legacy user accounts using insecure hashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16984",
"url": "https://www.suse.com/security/cve/CVE-2018-16984"
},
{
"category": "external",
"summary": "SUSE Bug 1109621 for CVE-2018-16984",
"url": "https://bugzilla.suse.com/1109621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16984"
},
{
"cve": "CVE-2018-6188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6188"
}
],
"notes": [
{
"category": "general",
"text": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6188",
"url": "https://www.suse.com/security/cve/CVE-2018-6188"
},
{
"category": "external",
"summary": "SUSE Bug 1077714 for CVE-2018-6188",
"url": "https://bugzilla.suse.com/1077714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-6188"
},
{
"cve": "CVE-2018-7536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7536"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7536",
"url": "https://www.suse.com/security/cve/CVE-2018-7536"
},
{
"category": "external",
"summary": "SUSE Bug 1083304 for CVE-2018-7536",
"url": "https://bugzilla.suse.com/1083304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7536"
},
{
"cve": "CVE-2018-7537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7537"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7537",
"url": "https://www.suse.com/security/cve/CVE-2018-7537"
},
{
"category": "external",
"summary": "SUSE Bug 1083305 for CVE-2018-7537",
"url": "https://bugzilla.suse.com/1083305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7537"
},
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-12308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12308"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12308",
"url": "https://www.suse.com/security/cve/CVE-2019-12308"
},
{
"category": "external",
"summary": "SUSE Bug 1136468 for CVE-2019-12308",
"url": "https://bugzilla.suse.com/1136468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12308"
},
{
"cve": "CVE-2019-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12781"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12781",
"url": "https://www.suse.com/security/cve/CVE-2019-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12781"
},
{
"cve": "CVE-2019-14232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14232"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14232",
"url": "https://www.suse.com/security/cve/CVE-2019-14232"
},
{
"category": "external",
"summary": "SUSE Bug 1142880 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-14232"
},
{
"cve": "CVE-2019-19118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19118"
}
],
"notes": [
{
"category": "general",
"text": "Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model\u0027s save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19118",
"url": "https://www.suse.com/security/cve/CVE-2019-19118"
},
{
"category": "external",
"summary": "SUSE Bug 1157705 for CVE-2019-19118",
"url": "https://bugzilla.suse.com/1157705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19118"
},
{
"cve": "CVE-2019-19844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19844"
}
],
"notes": [
{
"category": "general",
"text": "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user\u0027s email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19844",
"url": "https://www.suse.com/security/cve/CVE-2019-19844"
},
{
"category": "external",
"summary": "SUSE Bug 1159447 for CVE-2019-19844",
"url": "https://bugzilla.suse.com/1159447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19844"
},
{
"cve": "CVE-2019-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3498"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3498",
"url": "https://www.suse.com/security/cve/CVE-2019-3498"
},
{
"category": "external",
"summary": "SUSE Bug 1120932 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1120932"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-3498"
},
{
"cve": "CVE-2019-6975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6975"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6975",
"url": "https://www.suse.com/security/cve/CVE-2019-6975"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6975"
},
{
"cve": "CVE-2020-13254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13254",
"url": "https://www.suse.com/security/cve/CVE-2020-13254"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13254"
},
{
"cve": "CVE-2020-13596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13596"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13596",
"url": "https://www.suse.com/security/cve/CVE-2020-13596"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13596"
},
{
"cve": "CVE-2020-24583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24583"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24583",
"url": "https://www.suse.com/security/cve/CVE-2020-24583"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24583",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24583"
},
{
"cve": "CVE-2020-24584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24584"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system\u0027s standard umask rather than 0o077.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24584",
"url": "https://www.suse.com/security/cve/CVE-2020-24584"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24584",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24584"
},
{
"cve": "CVE-2020-7471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7471"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7471",
"url": "https://www.suse.com/security/cve/CVE-2020-7471"
},
{
"category": "external",
"summary": "SUSE Bug 1161919 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161919"
},
{
"category": "external",
"summary": "SUSE Bug 1161920 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-7471"
},
{
"cve": "CVE-2020-9402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9402"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9402",
"url": "https://www.suse.com/security/cve/CVE-2020-9402"
},
{
"category": "external",
"summary": "SUSE Bug 1165022 for CVE-2020-9402",
"url": "https://bugzilla.suse.com/1165022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-9402"
},
{
"cve": "CVE-2021-31542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-31542"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-31542",
"url": "https://www.suse.com/security/cve/CVE-2021-31542"
},
{
"category": "external",
"summary": "SUSE Bug 1185623 for CVE-2021-31542",
"url": "https://bugzilla.suse.com/1185623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-31542"
},
{
"cve": "CVE-2021-32052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32052"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32052",
"url": "https://www.suse.com/security/cve/CVE-2021-32052"
},
{
"category": "external",
"summary": "SUSE Bug 1185713 for CVE-2021-32052",
"url": "https://bugzilla.suse.com/1185713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-32052"
},
{
"cve": "CVE-2021-33203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33203"
}
],
"notes": [
{
"category": "general",
"text": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33203",
"url": "https://www.suse.com/security/cve/CVE-2021-33203"
},
{
"category": "external",
"summary": "SUSE Bug 1186608 for CVE-2021-33203",
"url": "https://bugzilla.suse.com/1186608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33203"
},
{
"cve": "CVE-2021-33571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33571"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33571",
"url": "https://www.suse.com/security/cve/CVE-2021-33571"
},
{
"category": "external",
"summary": "SUSE Bug 1186611 for CVE-2021-33571",
"url": "https://bugzilla.suse.com/1186611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-33571"
},
{
"cve": "CVE-2021-35042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35042"
}
],
"notes": [
{
"category": "general",
"text": "Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35042",
"url": "https://www.suse.com/security/cve/CVE-2021-35042"
},
{
"category": "external",
"summary": "SUSE Bug 1187785 for CVE-2021-35042",
"url": "https://bugzilla.suse.com/1187785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python310-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python311-Django-4.2.11-2.1.x86_64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.aarch64",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.ppc64le",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.s390x",
"openSUSE Tumbleweed:python312-Django-4.2.11-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2021-35042"
}
]
}
OPENSUSE-SU-2024:14208-1
Vulnerability from csaf_opensuse - Published: 2024-07-19 00:00 - Updated: 2024-07-19 00:00Summary
python310-Django4-4.2.14-1.1 on GA media
Notes
Title of the patch
python310-Django4-4.2.14-1.1 on GA media
Description of the patch
These are all security issues fixed in the python310-Django4-4.2.14-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14208
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python310-Django4-4.2.14-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python310-Django4-4.2.14-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14208",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14208-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3982 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5145 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5963 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7401 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12794 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7233 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7234 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16984 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6188 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7536 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7537 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12308 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2019-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14232 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19118 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19844 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6975 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13254 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13596 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24583 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24584 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-7471 page",
"url": "https://www.suse.com/security/cve/CVE-2020-7471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-9402 page",
"url": "https://www.suse.com/security/cve/CVE-2020-9402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-31542 page",
"url": "https://www.suse.com/security/cve/CVE-2021-31542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-32052 page",
"url": "https://www.suse.com/security/cve/CVE-2021-32052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35042 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-45115 page",
"url": "https://www.suse.com/security/cve/CVE-2021-45115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-45452 page",
"url": "https://www.suse.com/security/cve/CVE-2021-45452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-22818 page",
"url": "https://www.suse.com/security/cve/CVE-2022-22818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23833 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28346 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28346/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28347 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28347/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34265 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36359 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41323 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-23969 page",
"url": "https://www.suse.com/security/cve/CVE-2023-23969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24580 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31047 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-36053 page",
"url": "https://www.suse.com/security/cve/CVE-2023-36053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-41164 page",
"url": "https://www.suse.com/security/cve/CVE-2023-41164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-43665 page",
"url": "https://www.suse.com/security/cve/CVE-2023-43665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27351 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39329 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39329/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39330 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39614/"
}
],
"title": "python310-Django4-4.2.14-1.1 on GA media",
"tracking": {
"current_release_date": "2024-07-19T00:00:00Z",
"generator": {
"date": "2024-07-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14208-1",
"initial_release_date": "2024-07-19T00:00:00Z",
"revision_history": [
{
"date": "2024-07-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python310-Django4-4.2.14-1.1.aarch64",
"product": {
"name": "python310-Django4-4.2.14-1.1.aarch64",
"product_id": "python310-Django4-4.2.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-Django4-4.2.14-1.1.aarch64",
"product": {
"name": "python311-Django4-4.2.14-1.1.aarch64",
"product_id": "python311-Django4-4.2.14-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-Django4-4.2.14-1.1.aarch64",
"product": {
"name": "python312-Django4-4.2.14-1.1.aarch64",
"product_id": "python312-Django4-4.2.14-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-Django4-4.2.14-1.1.ppc64le",
"product": {
"name": "python310-Django4-4.2.14-1.1.ppc64le",
"product_id": "python310-Django4-4.2.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-Django4-4.2.14-1.1.ppc64le",
"product": {
"name": "python311-Django4-4.2.14-1.1.ppc64le",
"product_id": "python311-Django4-4.2.14-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-Django4-4.2.14-1.1.ppc64le",
"product": {
"name": "python312-Django4-4.2.14-1.1.ppc64le",
"product_id": "python312-Django4-4.2.14-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-Django4-4.2.14-1.1.s390x",
"product": {
"name": "python310-Django4-4.2.14-1.1.s390x",
"product_id": "python310-Django4-4.2.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-Django4-4.2.14-1.1.s390x",
"product": {
"name": "python311-Django4-4.2.14-1.1.s390x",
"product_id": "python311-Django4-4.2.14-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-Django4-4.2.14-1.1.s390x",
"product": {
"name": "python312-Django4-4.2.14-1.1.s390x",
"product_id": "python312-Django4-4.2.14-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-Django4-4.2.14-1.1.x86_64",
"product": {
"name": "python310-Django4-4.2.14-1.1.x86_64",
"product_id": "python310-Django4-4.2.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-Django4-4.2.14-1.1.x86_64",
"product": {
"name": "python311-Django4-4.2.14-1.1.x86_64",
"product_id": "python311-Django4-4.2.14-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-Django4-4.2.14-1.1.x86_64",
"product": {
"name": "python312-Django4-4.2.14-1.1.x86_64",
"product_id": "python312-Django4-4.2.14-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django4-4.2.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64"
},
"product_reference": "python310-Django4-4.2.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django4-4.2.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le"
},
"product_reference": "python310-Django4-4.2.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django4-4.2.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x"
},
"product_reference": "python310-Django4-4.2.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-Django4-4.2.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64"
},
"product_reference": "python310-Django4-4.2.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django4-4.2.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64"
},
"product_reference": "python311-Django4-4.2.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django4-4.2.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le"
},
"product_reference": "python311-Django4-4.2.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django4-4.2.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x"
},
"product_reference": "python311-Django4-4.2.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Django4-4.2.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64"
},
"product_reference": "python311-Django4-4.2.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django4-4.2.14-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64"
},
"product_reference": "python312-Django4-4.2.14-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django4-4.2.14-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le"
},
"product_reference": "python312-Django4-4.2.14-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django4-4.2.14-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x"
},
"product_reference": "python312-Django4-4.2.14-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-Django4-4.2.14-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
},
"product_reference": "python312-Django4-4.2.14-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3982"
}
],
"notes": [
{
"category": "general",
"text": "The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3982",
"url": "https://www.suse.com/security/cve/CVE-2015-3982"
},
{
"category": "external",
"summary": "SUSE Bug 932265 for CVE-2015-3982",
"url": "https://bugzilla.suse.com/932265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3982"
},
{
"cve": "CVE-2015-5145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5145"
}
],
"notes": [
{
"category": "general",
"text": "validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5145",
"url": "https://www.suse.com/security/cve/CVE-2015-5145"
},
{
"category": "external",
"summary": "SUSE Bug 937524 for CVE-2015-5145",
"url": "https://bugzilla.suse.com/937524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5145"
},
{
"cve": "CVE-2015-5963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5963"
}
],
"notes": [
{
"category": "general",
"text": "contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5963",
"url": "https://www.suse.com/security/cve/CVE-2015-5963"
},
{
"category": "external",
"summary": "SUSE Bug 941587 for CVE-2015-5963",
"url": "https://bugzilla.suse.com/941587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-5963"
},
{
"cve": "CVE-2016-7401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7401"
}
],
"notes": [
{
"category": "general",
"text": "The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7401",
"url": "https://www.suse.com/security/cve/CVE-2016-7401"
},
{
"category": "external",
"summary": "SUSE Bug 1001374 for CVE-2016-7401",
"url": "https://bugzilla.suse.com/1001374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7401"
},
{
"cve": "CVE-2017-12794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12794"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn\u0027t affect most production sites since you shouldn\u0027t run with \"DEBUG = True\" (which makes this page accessible) in your production settings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12794",
"url": "https://www.suse.com/security/cve/CVE-2017-12794"
},
{
"category": "external",
"summary": "SUSE Bug 1056284 for CVE-2017-12794",
"url": "https://bugzilla.suse.com/1056284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-12794"
},
{
"cve": "CVE-2017-7233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7233"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7233",
"url": "https://www.suse.com/security/cve/CVE-2017-7233"
},
{
"category": "external",
"summary": "SUSE Bug 1031450 for CVE-2017-7233",
"url": "https://bugzilla.suse.com/1031450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7233"
},
{
"cve": "CVE-2017-7234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7234"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7234",
"url": "https://www.suse.com/security/cve/CVE-2017-7234"
},
{
"category": "external",
"summary": "SUSE Bug 1031451 for CVE-2017-7234",
"url": "https://bugzilla.suse.com/1031451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-7234"
},
{
"cve": "CVE-2018-16984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16984"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the \"view\" permission (new in Django 2.1), resulting in display of the entire password hash to those users. This may result in a vulnerability for sites with legacy user accounts using insecure hashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16984",
"url": "https://www.suse.com/security/cve/CVE-2018-16984"
},
{
"category": "external",
"summary": "SUSE Bug 1109621 for CVE-2018-16984",
"url": "https://bugzilla.suse.com/1109621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16984"
},
{
"cve": "CVE-2018-6188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6188"
}
],
"notes": [
{
"category": "general",
"text": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6188",
"url": "https://www.suse.com/security/cve/CVE-2018-6188"
},
{
"category": "external",
"summary": "SUSE Bug 1077714 for CVE-2018-6188",
"url": "https://bugzilla.suse.com/1077714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-6188"
},
{
"cve": "CVE-2018-7536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7536"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7536",
"url": "https://www.suse.com/security/cve/CVE-2018-7536"
},
{
"category": "external",
"summary": "SUSE Bug 1083304 for CVE-2018-7536",
"url": "https://bugzilla.suse.com/1083304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7536"
},
{
"cve": "CVE-2018-7537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7537"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7537",
"url": "https://www.suse.com/security/cve/CVE-2018-7537"
},
{
"category": "external",
"summary": "SUSE Bug 1083305 for CVE-2018-7537",
"url": "https://bugzilla.suse.com/1083305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-7537"
},
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-12308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12308"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12308",
"url": "https://www.suse.com/security/cve/CVE-2019-12308"
},
{
"category": "external",
"summary": "SUSE Bug 1136468 for CVE-2019-12308",
"url": "https://bugzilla.suse.com/1136468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12308"
},
{
"cve": "CVE-2019-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-12781"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-12781",
"url": "https://www.suse.com/security/cve/CVE-2019-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-12781",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-12781"
},
{
"cve": "CVE-2019-14232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14232"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator\u0027s chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14232",
"url": "https://www.suse.com/security/cve/CVE-2019-14232"
},
{
"category": "external",
"summary": "SUSE Bug 1142880 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1142880"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2019-14232",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-14232"
},
{
"cve": "CVE-2019-19118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19118"
}
],
"notes": [
{
"category": "general",
"text": "Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model\u0027s save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19118",
"url": "https://www.suse.com/security/cve/CVE-2019-19118"
},
{
"category": "external",
"summary": "SUSE Bug 1157705 for CVE-2019-19118",
"url": "https://bugzilla.suse.com/1157705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19118"
},
{
"cve": "CVE-2019-19844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19844"
}
],
"notes": [
{
"category": "general",
"text": "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user\u0027s email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19844",
"url": "https://www.suse.com/security/cve/CVE-2019-19844"
},
{
"category": "external",
"summary": "SUSE Bug 1159447 for CVE-2019-19844",
"url": "https://bugzilla.suse.com/1159447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-19844"
},
{
"cve": "CVE-2019-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3498"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3498",
"url": "https://www.suse.com/security/cve/CVE-2019-3498"
},
{
"category": "external",
"summary": "SUSE Bug 1120932 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1120932"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-3498"
},
{
"cve": "CVE-2019-6975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6975"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6975",
"url": "https://www.suse.com/security/cve/CVE-2019-6975"
},
{
"category": "external",
"summary": "SUSE Bug 1124991 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1124991"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-6975",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6975"
},
{
"cve": "CVE-2020-13254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13254",
"url": "https://www.suse.com/security/cve/CVE-2020-13254"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13254"
},
{
"cve": "CVE-2020-13596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13596"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13596",
"url": "https://www.suse.com/security/cve/CVE-2020-13596"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-13596"
},
{
"cve": "CVE-2020-24583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24583"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24583",
"url": "https://www.suse.com/security/cve/CVE-2020-24583"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24583",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24583"
},
{
"cve": "CVE-2020-24584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24584"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system\u0027s standard umask rather than 0o077.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24584",
"url": "https://www.suse.com/security/cve/CVE-2020-24584"
},
{
"category": "external",
"summary": "SUSE Bug 1175784 for CVE-2020-24584",
"url": "https://bugzilla.suse.com/1175784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-24584"
},
{
"cve": "CVE-2020-7471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-7471"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-7471",
"url": "https://www.suse.com/security/cve/CVE-2020-7471"
},
{
"category": "external",
"summary": "SUSE Bug 1161919 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161919"
},
{
"category": "external",
"summary": "SUSE Bug 1161920 for CVE-2020-7471",
"url": "https://bugzilla.suse.com/1161920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-7471"
},
{
"cve": "CVE-2020-9402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-9402"
}
],
"notes": [
{
"category": "general",
"text": "Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-9402",
"url": "https://www.suse.com/security/cve/CVE-2020-9402"
},
{
"category": "external",
"summary": "SUSE Bug 1165022 for CVE-2020-9402",
"url": "https://bugzilla.suse.com/1165022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-9402"
},
{
"cve": "CVE-2021-31542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-31542"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-31542",
"url": "https://www.suse.com/security/cve/CVE-2021-31542"
},
{
"category": "external",
"summary": "SUSE Bug 1185623 for CVE-2021-31542",
"url": "https://bugzilla.suse.com/1185623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-31542"
},
{
"cve": "CVE-2021-32052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-32052"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-32052",
"url": "https://www.suse.com/security/cve/CVE-2021-32052"
},
{
"category": "external",
"summary": "SUSE Bug 1185713 for CVE-2021-32052",
"url": "https://bugzilla.suse.com/1185713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-32052"
},
{
"cve": "CVE-2021-33203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33203"
}
],
"notes": [
{
"category": "general",
"text": "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33203",
"url": "https://www.suse.com/security/cve/CVE-2021-33203"
},
{
"category": "external",
"summary": "SUSE Bug 1186608 for CVE-2021-33203",
"url": "https://bugzilla.suse.com/1186608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33203"
},
{
"cve": "CVE-2021-33571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33571"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33571",
"url": "https://www.suse.com/security/cve/CVE-2021-33571"
},
{
"category": "external",
"summary": "SUSE Bug 1186611 for CVE-2021-33571",
"url": "https://bugzilla.suse.com/1186611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-33571"
},
{
"cve": "CVE-2021-35042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35042"
}
],
"notes": [
{
"category": "general",
"text": "Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35042",
"url": "https://www.suse.com/security/cve/CVE-2021-35042"
},
{
"category": "external",
"summary": "SUSE Bug 1187785 for CVE-2021-35042",
"url": "https://bugzilla.suse.com/1187785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2021-35042"
},
{
"cve": "CVE-2021-45115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-45115"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-45115",
"url": "https://www.suse.com/security/cve/CVE-2021-45115"
},
{
"category": "external",
"summary": "SUSE Bug 1194115 for CVE-2021-45115",
"url": "https://bugzilla.suse.com/1194115"
},
{
"category": "external",
"summary": "SUSE Bug 1194117 for CVE-2021-45115",
"url": "https://bugzilla.suse.com/1194117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-45115"
},
{
"cve": "CVE-2021-45452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-45452"
}
],
"notes": [
{
"category": "general",
"text": "Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-45452",
"url": "https://www.suse.com/security/cve/CVE-2021-45452"
},
{
"category": "external",
"summary": "SUSE Bug 1194116 for CVE-2021-45452",
"url": "https://bugzilla.suse.com/1194116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-45452"
},
{
"cve": "CVE-2022-22818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-22818"
}
],
"notes": [
{
"category": "general",
"text": "The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-22818",
"url": "https://www.suse.com/security/cve/CVE-2022-22818"
},
{
"category": "external",
"summary": "SUSE Bug 1195086 for CVE-2022-22818",
"url": "https://bugzilla.suse.com/1195086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-23833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23833"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23833",
"url": "https://www.suse.com/security/cve/CVE-2022-23833"
},
{
"category": "external",
"summary": "SUSE Bug 1195088 for CVE-2022-23833",
"url": "https://bugzilla.suse.com/1195088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-28346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28346"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28346",
"url": "https://www.suse.com/security/cve/CVE-2022-28346"
},
{
"category": "external",
"summary": "SUSE Bug 1198398 for CVE-2022-28346",
"url": "https://bugzilla.suse.com/1198398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-28346"
},
{
"cve": "CVE-2022-28347",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28347"
}
],
"notes": [
{
"category": "general",
"text": "A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28347",
"url": "https://www.suse.com/security/cve/CVE-2022-28347"
},
{
"category": "external",
"summary": "SUSE Bug 1198399 for CVE-2022-28347",
"url": "https://bugzilla.suse.com/1198399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-28347"
},
{
"cve": "CVE-2022-34265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34265"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34265",
"url": "https://www.suse.com/security/cve/CVE-2022-34265"
},
{
"category": "external",
"summary": "SUSE Bug 1201186 for CVE-2022-34265",
"url": "https://bugzilla.suse.com/1201186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-34265"
},
{
"cve": "CVE-2022-36359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36359"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36359",
"url": "https://www.suse.com/security/cve/CVE-2022-36359"
},
{
"category": "external",
"summary": "SUSE Bug 1201923 for CVE-2022-36359",
"url": "https://bugzilla.suse.com/1201923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-36359"
},
{
"cve": "CVE-2022-41323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41323"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41323",
"url": "https://www.suse.com/security/cve/CVE-2022-41323"
},
{
"category": "external",
"summary": "SUSE Bug 1203793 for CVE-2022-41323",
"url": "https://bugzilla.suse.com/1203793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41323"
},
{
"cve": "CVE-2023-23969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-23969"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-23969",
"url": "https://www.suse.com/security/cve/CVE-2023-23969"
},
{
"category": "external",
"summary": "SUSE Bug 1207565 for CVE-2023-23969",
"url": "https://bugzilla.suse.com/1207565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-23969"
},
{
"cve": "CVE-2023-24580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24580"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24580",
"url": "https://www.suse.com/security/cve/CVE-2023-24580"
},
{
"category": "external",
"summary": "SUSE Bug 1208082 for CVE-2023-24580",
"url": "https://bugzilla.suse.com/1208082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-24580"
},
{
"cve": "CVE-2023-31047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31047"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django\u0027s \"Uploading multiple files\" documentation suggested otherwise.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31047",
"url": "https://www.suse.com/security/cve/CVE-2023-31047"
},
{
"category": "external",
"summary": "SUSE Bug 1210866 for CVE-2023-31047",
"url": "https://bugzilla.suse.com/1210866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-31047"
},
{
"cve": "CVE-2023-36053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-36053"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-36053",
"url": "https://www.suse.com/security/cve/CVE-2023-36053"
},
{
"category": "external",
"summary": "SUSE Bug 1212742 for CVE-2023-36053",
"url": "https://bugzilla.suse.com/1212742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-36053"
},
{
"cve": "CVE-2023-41164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-41164"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-41164",
"url": "https://www.suse.com/security/cve/CVE-2023-41164"
},
{
"category": "external",
"summary": "SUSE Bug 1214667 for CVE-2023-41164",
"url": "https://bugzilla.suse.com/1214667"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-41164"
},
{
"cve": "CVE-2023-43665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-43665"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-43665",
"url": "https://www.suse.com/security/cve/CVE-2023-43665"
},
{
"category": "external",
"summary": "SUSE Bug 1215978 for CVE-2023-43665",
"url": "https://bugzilla.suse.com/1215978"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2023-43665",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-43665"
},
{
"cve": "CVE-2024-24680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24680"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24680",
"url": "https://www.suse.com/security/cve/CVE-2024-24680"
},
{
"category": "external",
"summary": "SUSE Bug 1219683 for CVE-2024-24680",
"url": "https://bugzilla.suse.com/1219683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-24680"
},
{
"cve": "CVE-2024-27351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27351"
}
],
"notes": [
{
"category": "general",
"text": "In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27351",
"url": "https://www.suse.com/security/cve/CVE-2024-27351"
},
{
"category": "external",
"summary": "SUSE Bug 1220358 for CVE-2024-27351",
"url": "https://bugzilla.suse.com/1220358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-27351"
},
{
"cve": "CVE-2024-38875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38875"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38875",
"url": "https://www.suse.com/security/cve/CVE-2024-38875"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-38875",
"url": "https://bugzilla.suse.com/1227590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-38875"
},
{
"cve": "CVE-2024-39329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39329"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39329",
"url": "https://www.suse.com/security/cve/CVE-2024-39329"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-39329",
"url": "https://bugzilla.suse.com/1227590"
},
{
"category": "external",
"summary": "SUSE Bug 1227593 for CVE-2024-39329",
"url": "https://bugzilla.suse.com/1227593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-39329"
},
{
"cve": "CVE-2024-39330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39330"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39330",
"url": "https://www.suse.com/security/cve/CVE-2024-39330"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-39330",
"url": "https://bugzilla.suse.com/1227590"
},
{
"category": "external",
"summary": "SUSE Bug 1227594 for CVE-2024-39330",
"url": "https://bugzilla.suse.com/1227594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-39330"
},
{
"cve": "CVE-2024-39614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39614"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39614",
"url": "https://www.suse.com/security/cve/CVE-2024-39614"
},
{
"category": "external",
"summary": "SUSE Bug 1227590 for CVE-2024-39614",
"url": "https://bugzilla.suse.com/1227590"
},
{
"category": "external",
"summary": "SUSE Bug 1227595 for CVE-2024-39614",
"url": "https://bugzilla.suse.com/1227595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python310-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python311-Django4-4.2.14-1.1.x86_64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.aarch64",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.ppc64le",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.s390x",
"openSUSE Tumbleweed:python312-Django4-4.2.14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-19T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-39614"
}
]
}
RHSA-2019:3024
Vulnerability from csaf_redhat - Published: 2019-10-10 15:39 - Updated: 2025-11-21 18:10Summary
Red Hat Security Advisory: ovirt-web-ui security and bug fix update
Notes
Topic
An update for ovirt-web-ui is now available for Red Hat Virtualization Engine 4.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-web-ui package provides the web interface for Red Hat Virtualization.
Security Fix(es):
* nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties (CVE-2019-10744)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Known moderate severity security vulnerability detected by GitHub on ovirt-web-ui components (BZ#1694032)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ovirt-web-ui is now available for Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-web-ui package provides the web interface for Red Hat Virtualization.\n\nSecurity Fix(es):\n\n* nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties (CVE-2019-10744)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-web-ui components (BZ#1694032)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3024",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1739497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739497"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3024.json"
}
],
"title": "Red Hat Security Advisory: ovirt-web-ui security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:10:29+00:00",
"generator": {
"date": "2025-11-21T18:10:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:3024",
"initial_release_date": "2019-10-10T15:39:21+00:00",
"revision_history": [
{
"date": "2019-10-10T15:39:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-10T15:39:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:10:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"product": {
"name": "ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"product_id": "ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.0-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.6.0-1.el7ev.src",
"product": {
"name": "ovirt-web-ui-0:1.6.0-1.el7ev.src",
"product_id": "ovirt-web-ui-0:1.6.0-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.0-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.6.0-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch"
},
"product_reference": "ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.6.0-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
},
"product_reference": "ovirt-web-ui-0:1.6.0-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:39:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-10744",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-07-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1739497"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in lodash. Calling certain methods with untrusted JSON could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The lodash dependency is included in OpenShift Container Platform (OCP) by Kibana in the aggregated logging stack. Elastic have issued a security advisory (ESA-2019-10) for Kibana for this vulnerability, and in that advisory stated that no exploit vectors had been identified in Kibana. Therefore we rate this issue as moderate for OCP and may fix this issue in a future release.\n\nhttps://www.elastic.co/community/security\n\nThis issue did not affect the versions of rh-nodejs8-nodejs and rh-nodejs10-nodejs as shipped with Red Hat Software Collections.\n\nWhilst a vulnerable version of lodash has been included in ServiceMesh, the impact is lowered to Moderate due to the library not being directly accessible increasing the attack complexity and the fact that the attacker would need some existing access - meaning the vulnerability is not crossing a privilege boundary.\n\nRed Hat Quay imports lodash as a runtime dependency of restangular. The restangular function in use by Red Hat Quay do not use lodash to parse user input. This issue therefore rated moderate impact for Red Hat Quay.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10744"
},
{
"category": "external",
"summary": "RHBZ#1739497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10744"
}
],
"release_date": "2019-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:39:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:39:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-web-ui-0:1.6.0-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2023:0556
Vulnerability from csaf_redhat - Published: 2023-01-31 13:18 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0556",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0556.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2026-01-08T09:44:20+00:00",
"generator": {
"date": "2026-01-08T09:44:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:0556",
"initial_release_date": "2023-01-31T13:18:26+00:00",
"revision_history": [
{
"date": "2023-01-31T13:18:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T23:10:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHSA-2020:1325
Vulnerability from csaf_redhat - Published: 2020-04-06 09:02 - Updated: 2025-11-21 18:13Summary
Red Hat Security Advisory: python-XStatic-jQuery security update
Notes
Topic
An update for python-XStatic-jQuery is now available for Red Hat OpenStack
Platform 15 (Stein).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools
Security Fix(es):
* prototype pollution in object's prototype leading to denial of service or
remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-XStatic-jQuery is now available for Red Hat OpenStack\nPlatform 15 (Stein).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "python-XStatic-jQuery is the jQuery javascript library packaged for Python\u0027s setuptools\n\nSecurity Fix(es):\n\n* prototype pollution in object\u0027s prototype leading to denial of service or\nremote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1325",
"url": "https://access.redhat.com/errata/RHSA-2020:1325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1325.json"
}
],
"title": "Red Hat Security Advisory: python-XStatic-jQuery security update",
"tracking": {
"current_release_date": "2025-11-21T18:13:23+00:00",
"generator": {
"date": "2025-11-21T18:13:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:1325",
"initial_release_date": "2020-04-06T09:02:49+00:00",
"revision_history": [
{
"date": "2020-04-06T09:02:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-06T09:02:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:13:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 15.0",
"product": {
"name": "Red Hat OpenStack Platform 15.0",
"product_id": "8Base-RHOS-15.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"product": {
"name": "python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"product_id": "python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-jQuery@3.4.1.0-1.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch",
"product": {
"name": "python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch",
"product_id": "python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-XStatic-jQuery@3.4.1.0-1.el8ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src as a component of Red Hat OpenStack Platform 15.0",
"product_id": "8Base-RHOS-15.0:python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src"
},
"product_reference": "python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch as a component of Red Hat OpenStack Platform 15.0",
"product_id": "8Base-RHOS-15.0:python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch"
},
"product_reference": "python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch",
"relates_to_product_reference": "8Base-RHOS-15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-15.0:python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"8Base-RHOS-15.0:python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-06T09:02:49+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-15.0:python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"8Base-RHOS-15.0:python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1325"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOS-15.0:python-XStatic-jQuery-0:3.4.1.0-1.el8ost.src",
"8Base-RHOS-15.0:python3-XStatic-jQuery-0:3.4.1.0-1.el8ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2022:7343
Vulnerability from csaf_redhat - Published: 2022-11-02 16:34 - Updated: 2025-11-21 18:34Summary
Red Hat Security Advisory: pcs security update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7343",
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "2099524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099524"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7343.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2025-11-21T18:34:26+00:00",
"generator": {
"date": "2025-11-21T18:34:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:7343",
"initial_release_date": "2022-11-02T16:34:31+00:00",
"revision_history": [
{
"date": "2022-11-02T16:34:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-02T16:34:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:34:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server High Availability (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.9.169-3.el7_9.3.src",
"product": {
"name": "pcs-0:0.9.169-3.el7_9.3.src",
"product_id": "pcs-0:0.9.169-3.el7_9.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.9.169-3.el7_9.3.x86_64",
"product": {
"name": "pcs-0:0.9.169-3.el7_9.3.x86_64",
"product_id": "pcs-0:0.9.169-3.el7_9.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"product": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"product_id": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.9.169-3.el7_9.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"product": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"product_id": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-debuginfo@0.9.169-3.el7_9.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.9.169-3.el7_9.3.s390x",
"product": {
"name": "pcs-0:0.9.169-3.el7_9.3.s390x",
"product_id": "pcs-0:0.9.169-3.el7_9.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"product": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"product_id": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.9.169-3.el7_9.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"product": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"product_id": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-debuginfo@0.9.169-3.el7_9.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.9.169-3.el7_9.3.ppc64le",
"product": {
"name": "pcs-0:0.9.169-3.el7_9.3.ppc64le",
"product_id": "pcs-0:0.9.169-3.el7_9.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.9.169-3.el7_9.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"product": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"product_id": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.9.169-3.el7_9.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"product": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"product_id": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-debuginfo@0.9.169-3.el7_9.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.ppc64le",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.s390x",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.src as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.src",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.x86_64",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le"
},
"product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x"
},
"product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64"
},
"product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le"
},
"product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x"
},
"product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server High Availability (v. 7)",
"product_id": "7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
},
"product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"relates_to_product_reference": "7Server-HighAvailability-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.ppc64le",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.s390x",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.src as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.src",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64"
},
"product_reference": "pcs-0:0.9.169-3.el7_9.3.x86_64",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le"
},
"product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x"
},
"product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64"
},
"product_reference": "pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le"
},
"product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x"
},
"product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64 as a component of Red Hat Enterprise Linux Server Resilient Storage (v. 7)",
"product_id": "7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
},
"product_reference": "pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"relates_to_product_reference": "7Server-ResilientStorage-7.9.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-02T16:34:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-02T16:34:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-30123",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2022-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2099524"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack\u0027s `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim\u0027s terminal.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: crafted requests can cause shell escape sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "- Because Red Hat OpenStack Platform 13.0 Operational Tools packaged the flawed code, but does not use its functionality, its Impact has been reduced to \u0027Low\u0027.\n- To exploit this vulnerability, applications should have either of these middlewares \u0027Lint\u0027 or \u0027CommonLogger\u0027 installed, and vulnerable apps may have something like this: \n\u0027use Rack::Lint\u0027 OR \u0027use Rack::CommonLogger\u0027\nThe Red Hat products use the flawed code but don\u0027t use its functionality, Hence, the impact is set to Important.\n- Logging Subsystem for Red Hat OpenShift uses the vulnerable ruby gem-rack package in the openshift-logging/fluentd-rhel8 component to instantiate client-to-server communication. But, this component cannot receive any requests so exploitation by crafted request consumption is not possible. Therefore the impact of this vulnerability on the Logging Subsystem for Red Hat OpenShift is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30123"
},
{
"category": "external",
"summary": "RHBZ#2099524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099524"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30123"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr",
"url": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr"
}
],
"release_date": "2022-05-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-02T16:34:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-HighAvailability-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-HighAvailability-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.src",
"7Server-ResilientStorage-7.9.Z:pcs-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-debuginfo-0:0.9.169-3.el7_9.3.x86_64",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.ppc64le",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.s390x",
"7Server-ResilientStorage-7.9.Z:pcs-snmp-0:0.9.169-3.el7_9.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: crafted requests can cause shell escape sequences"
}
]
}
RHSA-2019:2587
Vulnerability from csaf_redhat - Published: 2019-09-05 05:26 - Updated: 2026-01-08 11:20Summary
Red Hat Security Advisory: CloudForms 4.7.9 security, bug fix and enhancement update
Notes
Topic
An update is now available for CloudForms Management Engine 5.10.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.
Security Fix(es):
* cloudforms: stored cross-site scripting in Name field (CVE-2018-10854)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for CloudForms Management Engine 5.10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nSecurity Fix(es):\n\n* cloudforms: stored cross-site scripting in Name field (CVE-2018-10854)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nThis update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2587",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.7/html/release_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.7/html/release_notes"
},
{
"category": "external",
"summary": "1590538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590538"
},
{
"category": "external",
"summary": "1677580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677580"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1733376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733376"
},
{
"category": "external",
"summary": "1737123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737123"
},
{
"category": "external",
"summary": "1737618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737618"
},
{
"category": "external",
"summary": "1738266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738266"
},
{
"category": "external",
"summary": "1740227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740227"
},
{
"category": "external",
"summary": "1740228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740228"
},
{
"category": "external",
"summary": "1740229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740229"
},
{
"category": "external",
"summary": "1740230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740230"
},
{
"category": "external",
"summary": "1740767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740767"
},
{
"category": "external",
"summary": "1740769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740769"
},
{
"category": "external",
"summary": "1740844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740844"
},
{
"category": "external",
"summary": "1741634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741634"
},
{
"category": "external",
"summary": "1741635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741635"
},
{
"category": "external",
"summary": "1741944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741944"
},
{
"category": "external",
"summary": "1741945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741945"
},
{
"category": "external",
"summary": "1743266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743266"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2587.json"
}
],
"title": "Red Hat Security Advisory: CloudForms 4.7.9 security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-01-08T11:20:13+00:00",
"generator": {
"date": "2026-01-08T11:20:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2019:2587",
"initial_release_date": "2019-09-05T05:26:06+00:00",
"revision_history": [
{
"date": "2019-09-05T05:26:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-05T05:26:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:20:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms Management Engine 5.10",
"product": {
"name": "CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cloudforms_managementengine:5.10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"product_id": "ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.23-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"product": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"product_id": "v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host-ansible@1.14.2-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch",
"product": {
"name": "v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch",
"product_id": "v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host-wrapper@1.14.2-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"product_id": "ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.23-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-0:1.14.2-1.el7ev.src",
"product": {
"name": "v2v-conversion-host-0:1.14.2-1.el7ev.src",
"product_id": "v2v-conversion-host-0:1.14.2-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host@1.14.2-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.10.9.1-1.el7cf.src",
"product": {
"name": "cfme-0:5.10.9.1-1.el7cf.src",
"product_id": "cfme-0:5.10.9.1-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.10.9.1-1.el7cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.10.9.1-1.el7cf.src",
"product": {
"name": "cfme-appliance-0:5.10.9.1-1.el7cf.src",
"product_id": "cfme-appliance-0:5.10.9.1-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.10.9.1-1.el7cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.10.9.1-1.el7cf.src",
"product": {
"name": "cfme-gemset-0:5.10.9.1-1.el7cf.src",
"product_id": "cfme-gemset-0:5.10.9.1-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.10.9.1-1.el7cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"product": {
"name": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"product_id": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.10.9.1-1.el7cf?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-tower-0:3.5.2-1.el7at.x86_64",
"product": {
"name": "ansible-tower-0:3.5.2-1.el7at.x86_64",
"product_id": "ansible-tower-0:3.5.2-1.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower@3.5.2-1.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"product": {
"name": "ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"product_id": "ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-server@3.5.2-1.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"product": {
"name": "ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"product_id": "ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-setup@3.5.2-1.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"product": {
"name": "ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"product_id": "ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-ui@3.5.2-1.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"product": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"product_id": "ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-venv-ansible@3.5.2-1.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"product": {
"name": "ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"product_id": "ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-venv-tower@3.5.2-1.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-debuginfo@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-common@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-tools@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-debuginfo@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset-debuginfo@5.10.9.1-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"product": {
"name": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"product_id": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.10.9.1-1.el7cf?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-0:3.5.2-1.el7at.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64"
},
"product_reference": "ansible-tower-0:3.5.2-1.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-server-0:3.5.2-1.el7at.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64"
},
"product_reference": "ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-setup-0:3.5.2-1.el7at.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64"
},
"product_reference": "ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-ui-0:3.5.2-1.el7at.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64"
},
"product_reference": "ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64"
},
"product_reference": "ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64"
},
"product_reference": "ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.10.9.1-1.el7cf.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src"
},
"product_reference": "cfme-0:5.10.9.1-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src"
},
"product_reference": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.10.9.1-1.el7cf.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src"
},
"product_reference": "cfme-appliance-0:5.10.9.1-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.10.9.1-1.el7cf.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src"
},
"product_reference": "cfme-gemset-0:5.10.9.1-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64"
},
"product_reference": "cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-1.el7ev.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-0:1.14.2-1.el7ev.src as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src"
},
"product_reference": "v2v-conversion-host-0:1.14.2-1.el7ev.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch"
},
"product_reference": "v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch as a component of CloudForms Management Engine 5.10",
"product_id": "7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
},
"product_reference": "v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.10"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Yadnyawalk Tale"
],
"organization": "Red Hat CloudForms QE",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2018-10854",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1590538"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cloudforms: stored cross-site scripting in Name field",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10854"
},
{
"category": "external",
"summary": "RHBZ#1590538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10854"
}
],
"release_date": "2019-03-07T15:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-05T05:26:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cloudforms: stored cross-site scripting in Name field"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-05T05:26:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-CFME-5.10:ansible-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-server-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-setup-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-ui-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-ansible-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:ansible-tower-venv-tower-0:3.5.2-1.el7at.x86_64",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-amazon-smartstate-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-appliance-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-common-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-appliance-tools-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.src",
"7Server-RH7-CFME-5.10:cfme-gemset-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:cfme-gemset-debuginfo-0:5.10.9.1-1.el7cf.x86_64",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-roles-0:1.1.7-1.el7ev.src",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:ovirt-ansible-vm-infra-0:1.1.19-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-0:1.14.2-1.el7ev.src",
"7Server-RH7-CFME-5.10:v2v-conversion-host-ansible-0:1.14.2-1.el7ev.noarch",
"7Server-RH7-CFME-5.10:v2v-conversion-host-wrapper-0:1.14.2-1.el7ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2020:3936
Vulnerability from csaf_redhat - Published: 2020-09-29 21:12 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: ipa security, bug fix, and enhancement update
Notes
Topic
An update for ipa is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ipa is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.\n\nThe following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3936",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1404770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404770"
},
{
"category": "external",
"summary": "1545755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545755"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1754902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1754902"
},
{
"category": "external",
"summary": "1755535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755535"
},
{
"category": "external",
"summary": "1756568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756568"
},
{
"category": "external",
"summary": "1758406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758406"
},
{
"category": "external",
"summary": "1769791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769791"
},
{
"category": "external",
"summary": "1771356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771356"
},
{
"category": "external",
"summary": "1780548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780548"
},
{
"category": "external",
"summary": "1782587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782587"
},
{
"category": "external",
"summary": "1788718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788718"
},
{
"category": "external",
"summary": "1788907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788907"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1795890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795890"
},
{
"category": "external",
"summary": "1801791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801791"
},
{
"category": "external",
"summary": "1817886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817886"
},
{
"category": "external",
"summary": "1817918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817918"
},
{
"category": "external",
"summary": "1817919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817919"
},
{
"category": "external",
"summary": "1817922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817922"
},
{
"category": "external",
"summary": "1817923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817923"
},
{
"category": "external",
"summary": "1817927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817927"
},
{
"category": "external",
"summary": "1819725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819725"
},
{
"category": "external",
"summary": "1825829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825829"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1829787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829787"
},
{
"category": "external",
"summary": "1834385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834385"
},
{
"category": "external",
"summary": "1842950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842950"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3936.json"
}
],
"title": "Red Hat Security Advisory: ipa security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-01-08T09:44:17+00:00",
"generator": {
"date": "2026-01-08T09:44:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2020:3936",
"initial_release_date": "2020-09-29T21:12:26+00:00",
"revision_history": [
{
"date": "2020-09-29T21:12:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-29T21:12:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-0:4.6.8-5.el7.src",
"product": {
"name": "ipa-0:4.6.8-5.el7.src",
"product_id": "ipa-0:4.6.8-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.6.8-5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.6.8-5.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_id": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaclient@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipalib@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaserver@4.6.8-5.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product_id": "ipa-client-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
RHSA-2020:4298
Vulnerability from csaf_redhat - Published: 2020-10-27 16:22 - Updated: 2026-01-08 13:07Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update
Notes
Topic
An update is now available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
* grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)
* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)
* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)
* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)
* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* grafana: stored XSS (CVE-2020-11110)
* grafana: XSS annotation popup vulnerability (CVE-2020-12052)
* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)
* openshift/console: text injection on error page via crafted url (CVE-2020-10715)
* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)
* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url (CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4298",
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "907589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1767665",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665"
},
{
"category": "external",
"summary": "1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "1813344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1834550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550"
},
{
"category": "external",
"summary": "1845982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982"
},
{
"category": "external",
"summary": "1848089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089"
},
{
"category": "external",
"summary": "1848092",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092"
},
{
"category": "external",
"summary": "1848643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643"
},
{
"category": "external",
"summary": "1848647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647"
},
{
"category": "external",
"summary": "1849044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "1850572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1857412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412"
},
{
"category": "external",
"summary": "1857977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977"
},
{
"category": "external",
"summary": "1858981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981"
},
{
"category": "external",
"summary": "1861044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044"
},
{
"category": "external",
"summary": "1874671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874671"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4298.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update",
"tracking": {
"current_release_date": "2026-01-08T13:07:36+00:00",
"generator": {
"date": "2026-01-08T13:07:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2020:4298",
"initial_release_date": "2020-10-27T16:22:20+00:00",
"revision_history": [
{
"date": "2020-10-27T16:22:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-27T16:22:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T13:07:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"product": {
"name": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"product_id": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler\u0026tag=v4.6.0-202009291152.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"product_id": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-machine-controllers\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.6.0-202010062159.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"product": {
"name": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"product_id": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-coredns\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"product_id": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"product_id": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"product": {
"name": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"product_id": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"product": {
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"product_id": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"product_id": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"product_id": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"product_id": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"product_id": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"product": {
"name": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"product_id": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.6.0-202010010929.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"product": {
"name": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"product_id": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.6.0-202009290409.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"product": {
"name": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"product_id": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-grafana\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"product": {
"name": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"product_id": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kube-rbac-proxy\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"product_id": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"product": {
"name": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"product_id": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-marketplace\u0026tag=v4.6.0-202010081538.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"product": {
"name": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"product_id": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"product": {
"name": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"product_id": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-docker-builder\u0026tag=v4.6.0-202010120952.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"product": {
"name": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"product_id": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.6.0-202010080605.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"product": {
"name": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"product_id": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.6.0-202010100121.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"product": {
"name": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"product_id": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"product": {
"name": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"product_id": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.6.0-202010081843.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"product": {
"name": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"product_id": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le",
"product": {
"name": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le",
"product_id": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.6.0-202010120952.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"product_id": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-lifecycle-manager\u0026tag=v4.6.0-202010130555.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"product": {
"name": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"product_id": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-registry\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"product_id": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"product_id": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.6.0-202010080605.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"product": {
"name": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"product_id": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"product": {
"name": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"product_id": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-authentication-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"product": {
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"product_id": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"product": {
"name": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"product_id": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-config-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"product": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"product": {
"name": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"product_id": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-dns-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"product": {
"name": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"product_id": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-image-registry-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.6.0-202010090300.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"product_id": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-controller-manager-operator\u0026tag=v4.6.0-202010081538.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"product_id": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-scheduler-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"product": {
"name": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"product_id": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"product": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"product_id": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-apiserver-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"product": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"product_id": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-controller-manager-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"product": {
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"product_id": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-policy-controller-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"product": {
"name": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"product_id": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-samples-operator\u0026tag=v4.6.0-202009290409.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"product": {
"name": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"product_id": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-storage-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"product_id": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"product_id": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"product_id": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"product": {
"name": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"product_id": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"product": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"product_id": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"product": {
"name": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"product_id": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"product": {
"name": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"product_id": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-etcd\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"product": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"product_id": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-machine-controllers-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"product": {
"name": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"product_id": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.6.0-202010081843.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"product": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"product_id": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kube-storage-version-migrator-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"product_id": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.6.0-202010220220.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"product": {
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"product_id": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-mdns-publisher-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"product": {
"name": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"product_id": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-admission-controller\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"product": {
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"product_id": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-route-override-cni-rhel8\u0026tag=v4.6.0-202010012244.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-whereabouts-ipam-cni-rhel8\u0026tag=v4.6.0-202010011936.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"product": {
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"product_id": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"product": {
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"product_id": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"product_id": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202010200139.p0"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"product": {
"name": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"product_id": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler\u0026tag=v4.6.0-202009291152.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"product_id": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"product": {
"name": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"product_id": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-machine-controllers\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.6.0-202010062159.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"product": {
"name": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"product_id": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-coredns\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"product": {
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"product_id": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"product": {
"name": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"product_id": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"product": {
"name": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"product_id": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"product": {
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"product_id": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"product_id": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"product_id": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"product": {
"name": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"product_id": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"product": {
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"product_id": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"product": {
"name": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"product_id": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.6.0-202010010929.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"product": {
"name": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"product_id": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.6.0-202009290409.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"product": {
"name": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"product_id": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-grafana\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"product": {
"name": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"product_id": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kube-rbac-proxy\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"product_id": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"product": {
"name": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"product_id": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-marketplace\u0026tag=v4.6.0-202010081538.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"product": {
"name": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"product_id": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"product": {
"name": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"product_id": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-docker-builder\u0026tag=v4.6.0-202010120952.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"product": {
"name": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"product_id": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.6.0-202010080605.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"product": {
"name": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"product_id": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.6.0-202010100121.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"product": {
"name": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"product_id": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"product": {
"name": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"product_id": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.6.0-202010081843.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"product": {
"name": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"product_id": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"product": {
"name": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"product_id": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.6.0-202010120952.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"product_id": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-lifecycle-manager\u0026tag=v4.6.0-202010130555.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"product": {
"name": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"product_id": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-registry\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"product": {
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"product_id": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"product_id": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.6.0-202010080605.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"product": {
"name": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"product_id": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"product": {
"name": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"product_id": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-authentication-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"product": {
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"product_id": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"product": {
"name": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"product_id": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-config-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"product": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"product": {
"name": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"product_id": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-dns-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"product": {
"name": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"product_id": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-image-registry-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.6.0-202010090300.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"product_id": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-controller-manager-operator\u0026tag=v4.6.0-202010081538.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"product_id": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-scheduler-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"product": {
"name": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"product_id": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"product": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"product_id": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-apiserver-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"product": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"product_id": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-controller-manager-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"product": {
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"product_id": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-policy-controller-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"product": {
"name": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"product_id": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-samples-operator\u0026tag=v4.6.0-202009290409.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"product": {
"name": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"product_id": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-storage-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"product": {
"name": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"product_id": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"product": {
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"product_id": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"product": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"product_id": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"product": {
"name": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"product_id": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"product": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"product_id": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"product": {
"name": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"product_id": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"product": {
"name": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"product_id": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-etcd\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"product": {
"name": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"product_id": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.6.0-202010081843.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"product": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"product_id": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kube-storage-version-migrator-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"product_id": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"product_id": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.6.0-202010220220.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"product": {
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"product_id": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-mdns-publisher-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"product": {
"name": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"product_id": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-admission-controller\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"product": {
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"product_id": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-route-override-cni-rhel8\u0026tag=v4.6.0-202010012244.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-whereabouts-ipam-cni-rhel8\u0026tag=v4.6.0-202010011936.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"product": {
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"product_id": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"product": {
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"product_id": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"product_id": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202010200139.p0"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"product": {
"name": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"product_id": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler\u0026tag=v4.6.0-202009291152.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"product_id": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"product": {
"name": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"product_id": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-machine-controllers\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.6.0-202010062159.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"product": {
"name": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"product_id": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-coredns\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"product": {
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"product_id": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"product": {
"name": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"product_id": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-attacher\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"product": {
"name": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"product_id": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"product": {
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"product_id": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-livenessprobe-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"product_id": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"product_id": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-node-driver-registrar\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"product": {
"name": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"product_id": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"product": {
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"product_id": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-provisioner-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"product": {
"name": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"product_id": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.6.0-202010010929.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"product": {
"name": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"product_id": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-prometheus\u0026tag=v4.6.0-202009290409.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"product": {
"name": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"product_id": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-grafana\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"product": {
"name": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"product_id": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kube-rbac-proxy\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"product_id": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"product": {
"name": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"product_id": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-marketplace\u0026tag=v4.6.0-202010081538.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"product": {
"name": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"product_id": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"product": {
"name": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"product_id": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-docker-builder\u0026tag=v4.6.0-202010120952.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"product": {
"name": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"product_id": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.6.0-202010080605.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"product": {
"name": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"product_id": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.6.0-202010100121.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"product": {
"name": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"product_id": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"product": {
"name": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"product_id": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.6.0-202010081843.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"product": {
"name": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"product_id": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"product": {
"name": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"product_id": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.6.0-202010120952.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"product_id": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-lifecycle-manager\u0026tag=v4.6.0-202010130555.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"product": {
"name": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"product_id": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-registry\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"product": {
"name": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"product_id": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-aws-machine-controllers\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"product": {
"name": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"product_id": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-azure-machine-controllers\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"product": {
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"product_id": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-runtimecfg-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"product_id": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.6.0-202010080605.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"product": {
"name": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"product_id": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cloud-credential-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"product": {
"name": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"product_id": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-authentication-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"product": {
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"product_id": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-autoscaler-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"product": {
"name": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"product_id": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-config-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"product": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"product": {
"name": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"product_id": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-dns-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"product": {
"name": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"product_id": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-image-registry-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-apiserver-operator\u0026tag=v4.6.0-202010090300.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"product_id": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-controller-manager-operator\u0026tag=v4.6.0-202010081538.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"product_id": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-scheduler-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"product": {
"name": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"product_id": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"product": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"product_id": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-apiserver-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"product": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"product_id": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-openshift-controller-manager-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"product": {
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"product_id": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-policy-controller-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"product": {
"name": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"product_id": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-samples-operator\u0026tag=v4.6.0-202009290409.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"product": {
"name": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"product_id": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-storage-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"product": {
"name": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"product_id": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"product": {
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"product_id": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-resizer-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"product": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"product_id": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"product": {
"name": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"product_id": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-external-snapshotter\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"product": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"product_id": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"product": {
"name": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"product_id": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-snapshot-controller\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"product": {
"name": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"product_id": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-etcd\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"product": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"product_id": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-machine-controllers-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"product": {
"name": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"product_id": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.6.0-202010081843.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"product": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"product_id": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kube-storage-version-migrator-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"product_id": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"product_id": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.6.0-202010220220.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"product": {
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"product_id": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-mdns-publisher-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"product": {
"name": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"product_id": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-admission-controller\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"product": {
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"product_id": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-route-override-cni-rhel8\u0026tag=v4.6.0-202010012244.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-whereabouts-ipam-cni-rhel8\u0026tag=v4.6.0-202010011936.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"product": {
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"product_id": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"product": {
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"product_id": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-controller-manager-rhel8\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"product_id": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.6.0-202010061132.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202010200139.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202010200139.p0"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64"
},
"product_reference": "openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64"
},
"product_reference": "openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64"
},
"product_reference": "openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x"
},
"product_reference": "openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64"
},
"product_reference": "openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x"
},
"product_reference": "openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64"
},
"product_reference": "openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x"
},
"product_reference": "openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le"
},
"product_reference": "openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64"
},
"product_reference": "openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x"
},
"product_reference": "openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le"
},
"product_reference": "openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64"
},
"product_reference": "openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le"
},
"product_reference": "openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x"
},
"product_reference": "openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x"
},
"product_reference": "openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le"
},
"product_reference": "openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64"
},
"product_reference": "openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x"
},
"product_reference": "openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64"
},
"product_reference": "openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le"
},
"product_reference": "openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64"
},
"product_reference": "openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x"
},
"product_reference": "openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le"
},
"product_reference": "openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x"
},
"product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64"
},
"product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le"
},
"product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le"
},
"product_reference": "openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x"
},
"product_reference": "openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64"
},
"product_reference": "openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le"
},
"product_reference": "openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x"
},
"product_reference": "openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64"
},
"product_reference": "openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x"
},
"product_reference": "openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le"
},
"product_reference": "openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64"
},
"product_reference": "openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le"
},
"product_reference": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64"
},
"product_reference": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x"
},
"product_reference": "openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x"
},
"product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le"
},
"product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64"
},
"product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x"
},
"product_reference": "openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le"
},
"product_reference": "openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64"
},
"product_reference": "openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le"
},
"product_reference": "openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x"
},
"product_reference": "openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64"
},
"product_reference": "openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64"
},
"product_reference": "openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le"
},
"product_reference": "openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x"
},
"product_reference": "openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le"
},
"product_reference": "openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64"
},
"product_reference": "openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x"
},
"product_reference": "openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le"
},
"product_reference": "openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x"
},
"product_reference": "openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64"
},
"product_reference": "openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64"
},
"product_reference": "openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le"
},
"product_reference": "openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x"
},
"product_reference": "openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64"
},
"product_reference": "openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x"
},
"product_reference": "openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64"
},
"product_reference": "openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x"
},
"product_reference": "openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x"
},
"product_reference": "openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64"
},
"product_reference": "openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x"
},
"product_reference": "openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64"
},
"product_reference": "openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64"
},
"product_reference": "openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x"
},
"product_reference": "openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64"
},
"product_reference": "openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x"
},
"product_reference": "openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64"
},
"product_reference": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x"
},
"product_reference": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64"
},
"product_reference": "openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x"
},
"product_reference": "openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le"
},
"product_reference": "openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64"
},
"product_reference": "openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le"
},
"product_reference": "openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x"
},
"product_reference": "openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64"
},
"product_reference": "openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le"
},
"product_reference": "openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x"
},
"product_reference": "openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x"
},
"product_reference": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le"
},
"product_reference": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64"
},
"product_reference": "openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x"
},
"product_reference": "openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le"
},
"product_reference": "openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64"
},
"product_reference": "openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64"
},
"product_reference": "openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x"
},
"product_reference": "openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le"
},
"product_reference": "openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x"
},
"product_reference": "openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le"
},
"product_reference": "openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64"
},
"product_reference": "openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x"
},
"product_reference": "openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64"
},
"product_reference": "openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le"
},
"product_reference": "openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le"
},
"product_reference": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64"
},
"product_reference": "openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64"
},
"product_reference": "openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le"
},
"product_reference": "openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
},
"product_reference": "openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le"
},
"product_reference": "openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64"
},
"product_reference": "openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x"
},
"product_reference": "openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le"
},
"product_reference": "openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64"
},
"product_reference": "openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x"
},
"product_reference": "openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x"
},
"product_reference": "openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le"
},
"product_reference": "openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64"
},
"product_reference": "openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x"
},
"product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64"
},
"product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le"
},
"product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le"
},
"product_reference": "openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64"
},
"product_reference": "openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x"
},
"product_reference": "openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le"
},
"product_reference": "openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x"
},
"product_reference": "openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64"
},
"product_reference": "openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le"
},
"product_reference": "openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64"
},
"product_reference": "openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x"
},
"product_reference": "openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le"
},
"product_reference": "openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64"
},
"product_reference": "openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x"
},
"product_reference": "openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64"
},
"product_reference": "openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le"
},
"product_reference": "openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x"
},
"product_reference": "openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64"
},
"product_reference": "openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x"
},
"product_reference": "openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le"
},
"product_reference": "openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le"
},
"product_reference": "openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x"
},
"product_reference": "openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64"
},
"product_reference": "openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64"
},
"product_reference": "openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x"
},
"product_reference": "openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le"
},
"product_reference": "openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x"
},
"product_reference": "openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le"
},
"product_reference": "openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64"
},
"product_reference": "openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x"
},
"product_reference": "openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64"
},
"product_reference": "openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
},
"product_reference": "openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x"
},
"product_reference": "openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64"
},
"product_reference": "openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
},
"product_reference": "openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0169",
"discovery_date": "2013-02-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "907589"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SSL/TLS: CBC padding timing attack (lucky-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0169"
},
{
"category": "external",
"summary": "RHBZ#907589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.openssl.org/news/secadv_20130205.txt",
"url": "http://www.openssl.org/news/secadv_20130205.txt"
},
{
"category": "external",
"summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released",
"url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "workaround",
"details": "On OpenShift Container Platform 3.11 it\u0027s possible to edit the list of cipher suites offered by the router when performing \u0027edge\u0027, or \u0027re-encrypt\u0027 TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In \u0027passthrough\u0027 mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SSL/TLS: CBC padding timing attack (lucky-13)"
},
{
"cve": "CVE-2018-18624",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850572"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in grafana. An incomplete fix for CVE-2018-12099 allows for a XSS via a column style on the \"Dashboard \u003e Table Panel\" screen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Both OpenShift 3.11 and 4.x grafana-container\u0027s package a vulnerable version of grafana. However the grafana instance is set to read-only meaning that the potential XSS attack cannot be performed as the table panel cannot be modified or added. As OpenShift still packages the vulnerable code, the components are affected but with impact Low.\n\nIn OpenShift ServiceMesh the grafana component is a vulnerable version, however as it is behind OpenShift OAuth restricting access to authenticated users only the impact is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-18624"
},
{
"category": "external",
"summary": "RHBZ#1850572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-18624",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20200608-0008/",
"url": "https://security.netapp.com/advisory/ntap-20200608-0008/"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2019-16769",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848092"
}
],
"notes": [
{
"category": "description",
"text": "A XSS flaw was found in npm-serialize-javascript. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js\u0027s implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable serialize-javascript library to authenticated users only, therefore the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16769"
},
{
"category": "external",
"summary": "RHBZ#1848092",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16769",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16769"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769"
}
],
"release_date": "2020-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions"
},
{
"cve": "CVE-2020-7013",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1849044"
}
],
"notes": [
{
"category": "description",
"text": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To mitigate this vulnerability you can set \"metrics.enabled: false\" in kibana.yml",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7013"
},
{
"category": "external",
"summary": "RHBZ#1849044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7013",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7013"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013"
},
{
"category": "external",
"summary": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571",
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571"
}
],
"release_date": "2020-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)"
},
{
"cve": "CVE-2020-7598",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-03-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1813344"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a \"constructor\" or \"__proto__\" payload. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Quay only includes minimist as a dependency of the test suites, and it not include it in the product. We may fix this issue in a future Red Hat Quay release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7598"
},
{
"category": "external",
"summary": "RHBZ#1813344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764",
"url": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764"
}
],
"release_date": "2020-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload"
},
{
"cve": "CVE-2020-7662",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1845982"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers are behind OpenShift OAuth restricting access to the vulnerable websocket-extension to authenticated users only, therefore the impact is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7662"
},
{
"category": "external",
"summary": "RHBZ#1845982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7662",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662"
},
{
"category": "external",
"summary": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv",
"url": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser"
},
{
"cve": "CVE-2020-8203",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857412"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-lodash: prototype pollution in zipObjectDeep function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift ServiceMesh (OSSM), Red Hat OpenShift Jaeger (RHOSJ) and Red Hat OpenShift Container Platform (RHOCP), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-lodash library to authenticated users only, therefore the impact is low.\n\nRed Hat OpenShift Container Platform 4 delivers the kibana package where the nodejs-lodash library is used, but due to the code changing to the container first content the kibana package is marked as wontfix. This may be fixed in the future.\n\nRed Hat Virtualization uses vulnerable version of nodejs-lodash, however zipObjectDeep is not used, therefore the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8203"
},
{
"category": "external",
"summary": "RHBZ#1857412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/712065",
"url": "https://hackerone.com/reports/712065"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1523",
"url": "https://www.npmjs.com/advisories/1523"
}
],
"release_date": "2020-04-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-lodash: prototype pollution in zipObjectDeep function"
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Wouter ter Maat"
],
"organization": "Offensi",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8559",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2020-06-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851422"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other endpoints that trust those credentials (including other clusters), allowing for escalation of privileges. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: compromised node could escalate to cluster level privileges",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Kubernetes is embedded in the version of heketi shipped with Red Hat Gluster Storage 3. However, it does not use Kubernetes API server part and only uses client side bits. Hence, this flaw does not affect heketi.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8559"
},
{
"category": "external",
"summary": "RHBZ#1851422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs"
}
],
"release_date": "2020-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "workaround",
"details": "No mitigation is known.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: compromised node could escalate to cluster level privileges"
},
{
"cve": "CVE-2020-9283",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2020-02-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1804533"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9283"
},
{
"category": "external",
"summary": "RHBZ#1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY",
"url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY"
}
],
"release_date": "2020-02-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic"
},
{
"cve": "CVE-2020-10715",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1767665"
}
],
"notes": [
{
"category": "description",
"text": "A content spoofing vulnerability was found in the openshift/console. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. This attack could potentially convince a user that the inserted text is legitimate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift/console: text injection on error page via crafted url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10715"
},
{
"category": "external",
"summary": "RHBZ#1767665",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10715",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openshift/console: text injection on error page via crafted url"
},
{
"cve": "CVE-2020-10743",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-05-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834550"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that OpenShift Container Platform\u0027s (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP\u0027s distribution of Kibana, such as clickjacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kibana: X-Frame-Option not set by default might lead to clickjacking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE relates specifically to OpenShift Container Platform\u0027s distribution of Kibana. Upstream Kibana don\u0027t consider this a vulnerability, but may address this in a future version:\n\nhttps://github.com/elastic/kibana/issues/52809",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10743"
},
{
"category": "external",
"summary": "RHBZ#1834550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10743",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10743"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743"
}
],
"release_date": "2020-01-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "workaround",
"details": "Any Kibana version with this commit [1] can add the following configuration option to mitigation the problem:\n\nconfig/kibana.yml:\nserver.customResponseHeaders: {\"x-frame-options\":\"deny\"}\nor\nserver.customResponseHeaders: {\"x-frame-options\":\"sameorigin\"}\n\n[1] https://github.com/elastic/kibana/pull/13045",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kibana: X-Frame-Option not set by default might lead to clickjacking"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2020-11110",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-07-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861044"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in grafana. The lack of URL sanitizing allows for stored XSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: stored XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Both OpenShift 3.11 and 4.x grafana-container\u0027s package a vulnerable version of grafana. However the grafana instance is set to read-only meaning that the potential XSS attack cannot be performed because the original url field cannot be modified. Access to the grafana panel is additionally behind OpenShift OAuth proxy and requires admin permissions.\nAs OpenShift still packages the vulnerable code, the components are affected but the impact is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11110"
},
{
"category": "external",
"summary": "RHBZ#1861044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11110"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "grafana: stored XSS"
},
{
"cve": "CVE-2020-12052",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in grafana. The software is vulnerable to an annotation popup XSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: XSS annotation popup vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of the grafana package as shipped with Red Hat Ceph Storage (RHCS) version 2. Ceph-2 has reached End of Extended Life Cycle Support and no longer fixing moderates/lows.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12052"
},
{
"category": "external",
"summary": "RHBZ#1848089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052"
}
],
"release_date": "2020-04-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grafana: XSS annotation popup vulnerability"
},
{
"cve": "CVE-2020-12245",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848643"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in grafana. A XSS is possible in table-panel via column.title or cellLinkTooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: XSS via column.title or cellLinkTooltip",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12245"
},
{
"category": "external",
"summary": "RHBZ#1848643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grafana: XSS via column.title or cellLinkTooltip"
},
{
"cve": "CVE-2020-13822",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848647"
}
],
"notes": [
{
"category": "description",
"text": "The Elliptic for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers don\u0027t use the vulnerable elliptic library for authentication (OpenShift OAuth is used) or traffic communications (OpenShift route is used). Therefore the impact for OCP and OSSM is Low.\n\nRed Hat Quay includes nodejs-elliptic as a dependency of webpack. That dependency is only used at development time, not runtime. Therefore this vulnerability is rated low for Red Hat Quay.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13822"
},
{
"category": "external",
"summary": "RHBZ#1848647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484",
"url": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484"
}
],
"release_date": "2020-06-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"acknowledgments": [
{
"names": [
"Yuval Kashtan"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14336",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2020-06-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1858981"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift: restricted SCC allows pods to craft custom network packets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, the OpenShift Container Platform uses the OpenShift SDN network interface. This interface makes this attack impractical by implementing IPTable rules on the host side of the virtual network interface, isolating network traffic to within the pod.\n\nIf the OpenShift Container Platform has the sriov-network-operator deployed, it is at a greater risk for exploitation. \n\nIf installing a new OCP 4.6 cluster no changes are required. If upgrading a cluster from an earlier version to 4.5.16 be sure to delete 99-worker-generated-crio-capabilities and 99-master-generated-crio-capabilities machine controllers once you have tested that dropping NET_RAW does not break your cluster workload.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14336"
},
{
"category": "external",
"summary": "RHBZ#1858981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14336",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336"
}
],
"release_date": "2020-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "workaround",
"details": "On OCP 3.11 create a custom SCC based on \u0027restricted\u0027 and also drop the NET_RAW capability[1]. Assign this custom SCC to any users, or groups which create pods you want to protect. See the documentation for more information [2]. \n[1] https://access.redhat.com/solutions/5611521\n[2] https://docs.openshift.com/container-platform/3.11/admin_guide/manage_scc.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openshift: restricted SCC allows pods to craft custom network packets"
},
{
"cve": "CVE-2020-15366",
"cwe": {
"id": "CWE-471",
"name": "Modification of Assumed-Immutable Data (MAID)"
},
"discovery_date": "2020-07-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857977"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-ajv. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-ajv library to authenticated users only, therefore the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15366"
},
{
"category": "external",
"summary": "RHBZ#1857977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-AJV-584908",
"url": "https://snyk.io/vuln/SNYK-JS-AJV-584908"
}
],
"release_date": "2020-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T16:22:20+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0aae0e57468c16c89ba38972c604c99407b5fb4001fc33adf5222ee79b4de18e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1e7051812f5c4e98573a0281d152ebb0500908b89610fc3e122c7184f6ba9707_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:b21597cc50e964c01ba1b1d7f14e5a548f072c499c4a0cfd6ec76d33c24064a6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers@sha256:b7dc5f4101a8cb88c20d853908982258cab77bb0ac391e965b50b15648ddd854_amd64",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers@sha256:9ef5deb841f1f4a8680f91ebb21952f0eaabf500f4523d891c075b69769ec769_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:6eb0b79a701665269ff5282556fef9dbae69888bcda354c8013479d4d91aa278_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:7def5b35d9c17a603850f7a849cf7d7c5f2ac6295d4ee93e4fb8967c7b669dea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers@sha256:ea1d6a692315d3606fdddd4f007c0730a02387c58e42e001fff4bb0d243bdc47_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:3c9a9d63e4e6746ced1adf0d47fd49d7afac791b4a19e21001a6d7d5dbac12b7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:c75cbb438a59618cfa3737fae7849968603db3ae0a81bb1aa6f0afd993a35f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator@sha256:d36addc7528c70b29e838c7059dbf9c3d657067c74bac125aa1ed96e15d85df0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:0a851f6be3d3ab94ad12a684d40c7c718065d7292fcfe5cfeb8453fc18c64afb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:1806feb5739d3bbdb47557710feab7ec67670262e34abdab407dff7a801465a6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6ca7fd5129d26fae6d255dec6b59fad8c9c2c3699d6858489652d3b86716f38d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:238737a8faf926dc92db7ffcc7b330f9cb42337b27d575b758ee354817b04a8d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:79978a34d1ab3b0ed1ad2c93c09bcb2fcdd1806b35e48a53c99d106347e1a59d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts@sha256:cf02fa6cb215062ffb808b186b99ff648014ac4165aceb8d4acfc7ae68d719ae_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:6aa4bb97adf2142b0e74ccae7fd3661ada73cbaac803b86bb8712261e916d66d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:96db162a92cad3a1d63053c28d9b6dbfeba04f61cd98b49f4e77b4a7ab692c72_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cli@sha256:f78645fac859399ae479950117b10371194c37789aa16564d8c7009b670da9c3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:5e591cab19b41c7ea26eab6056cd518f6d64b59e8051978de927b1b984abfb1d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:b0d756bd44dc48ab4033be3347bb95fcc78fc4b81482e94a1e5863cdba78365e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator@sha256:df4b329c90e13c0374cfad8326f52894d7642cdf5c45dd3a7b951e385e344aa0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:059f0179c0528c6234dbdca7e70fe779cf37be5121f458dd045d2e9662192f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:0fb6eb7dcd8551e512cd24c521877d27683d7a03734ffd8626a6a97622726fa4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator@sha256:ab01309a2cc887d5c37d2138eb54412e318762e7a8b4750d6708decce9ce4336_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:7a07115b0d49b21dbc71acc6030be2bdb20446cb03ef3db67189a9738ba2be53_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:b8056a4eabddb3a0a0c6b9c94127d517f14bc2319b717157268a05ce35e726d8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator@sha256:f18151bf70434e1841ed8182c42e819e92e3d1ad3bbd269c667be8b74ff78444_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:397b2bd57800b98a45420cc417928f1adac06fa74590315f5c921d2d7a8eea98_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:51b08f319750810ef474b210dae72b0faba34b02e635deb1bae84a63bec67db4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler@sha256:532d3fba25db7a456fb512e0b5f88ded944cef9b621286811354776a5cf3a76f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:0665b650e91e5b7a531d6c18c7aca9c2002940fd0b7f629f2a0a14e38a378aa1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:1359e2cd3f9e2ee2f7541e61442c87ea1e6e9ee706cf3d22bd9f86002bc336bc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:4bb1871bb4a2bfd45f7cfc0f1431a9211b5ab0267cabb57a0c6e55cfe2819f18_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:25197b2709c0691c28424c9b07e505a71d13bf481e18bc42636cc84ee8fef033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:a5fac7386f36b6734f6c287384be3224a695599daaea8b4de5423a3ffc98a668_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator@sha256:cfb0348eec3f6693cd1daff8f19a37701d44d726ad665219e3f1843893ba6ec4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:13114a3f1cdcc0a1f50472218667e7c9e4e779fa57194df0a8c876cb44a0575a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:6ca671c810426b8c4f13dd0c7ac19639f9f265b952b8feb5a828e59fab785335_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c1c47d190856629d15c7ba0407a90829e45e2972629174be1501cf7c11a37d9b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:60927cf0a4fb6fc5de51c886dec5c80691a68ac4e7214de5e0dbf17a307bc712_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:97733d92430934968cd2ccf37745d5e5f574b4cab54adbc04adb02a5ddbb8986_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator@sha256:afdf0a3b426ac1c03df52e88a2b884f0714e54a1a03f33091954441a05a7f6b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:1ad85195e1a180698fe4b8df82e3d72075efb256b53f593d13e29faaf7f3e15a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:4c0a4a1890af3d0e5d06a67a7264bf18c5461fed5bee0da918dc9eb66c518f32_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator@sha256:768bc22faab47545e468a2b020c6b2efa7d1bff51372faa152fc690908695798_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:6c72bd0bbcd41c1bb6f322733038eae0f99c64df9d2bbd8261e228d3f6360f8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:d7b48ca3dc3421758f8ffc6e224c768f19ca89988149ee0a8a232d0ed06912f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator@sha256:e2b3f973bc5b9e55d2240a556c4648c921a3c8d3e12381757f1990a864208617_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:0e1cf504276c7ed8feb5dcc39d35bed1ddca82ec097c33a2867810e88957a1ef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:4691dc29704c9cb06d2345894f1a8f074b58a0d208318c5218241388b0916e1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator@sha256:aac8b92d2e49201c6335429ae69a026e47b145840012a973cad24d3331894cfc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:17ac2c4ac4828f606174a6cc2de2a070938f1b446cf602f7abe900e0c0d000a3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:298432cd96498ca19028ca2b57c9d188a7c80a0e81471fb28149a77ba39c22d5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator@sha256:4289297f0b7ee7edf394348fd07e1fa1b3162655f2a2af2245e23af4b179e7f2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:007ecb80d5aa3880868bfd2e110ba4ef6c5b3848fec92b81c97e6eed23dd90a0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:333fee16f1f7f26f0b26e70d3a3cabaec834acba8ff45dc59ab40cb915612fdd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5ddcab5238330b6933b72b50b607edf0275dc3186cd4273b85120b6347975a33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:45586fd7a5cfd43ff546dbfb282a70a91eaf0f069f604230af958dc802832f89_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:bb4910c71732d1a04332265d032f44893c45c14dc821e1d20322124a7ae2da9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator@sha256:f6ca09a43d7d78ee30c96d121b65ac2b9a75f21df0bf71d20cc2e7c0c58a8a4f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:dc563ffbc4d44a86a55129691cbd93a698edb11d6dc7d837a0f330dc7dc31246_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:e1443121180909bd59301b2006a49a48d985614fd3caa17fec746f8c4a7f3222_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:ee4abe53e80e561239e510a6f9999b4dc80b7b3fdc9848ab43d0bf8df24e815d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:0d3aa7b3d666ba3b6d1874f07f6d76506ef3f40a18af6b100827bc9584c579b8_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:d29308cd61e1879328193a2f55c5ab706aa181306a35b690744ffff49be8ab40_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver@sha256:f7b9278ef2fbe988f50e4bdeeea79d9373b55689d17b8c6d7c214429f5b3f9a0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:2b3c51f2463848163072f00443c25c140660c8631d057e4e607263591fa3de3d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:aa4f37543b45bc248db8d9bd2dc45b6e159a8869b044c2310f541afba15b2694_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator@sha256:d3069550fd0872d634a5dfaeb623ad429fcd434429e619b9d88fe2f488fed17e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:52fe949f7e3287bdb2aaf5206ed1f8cf73f11b176f804690c26e1edcc85d9145_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:53899d21a2e15159ccaabc6673a9653666920e87c3e710935b3b6d01c98e3ad4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:c6b3aaaa38679b1d752ec09bd68c6d80a8911c74ec16d27c49de88ecb97823ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:43fa47fc07c69998077c55c6d737a20e25a05662deef3ceb9d08d87859d3b471_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:5a3d47013b37af8b9bba1fb77a120f2b6815da494f683f925da2715e93fcb13c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8@sha256:9b564f882e31f497f57a0d99d406d5231eb15e9a97f0b450c21bec2bac7ff033_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:47af165283b526c8206676eaddaa7b386011412d8287050da3ab53661877e2fd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:75d00a00979b91262a92d5749511b4dead9c6088e3a34fcd4e6299abd6bc1e73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator@sha256:7f93199dcc01838f017030e0e8dd32d1d23fa268d25472e338e6843c8830d364_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:01250de496444bb624ec7b472ac9b0f7023809c88306a71c6ac87bb302f7dbe3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:2c67820caa69a00626cef712ff476cb5c95e30f5065d82300ffbd464a1409e31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator@sha256:390fee60c00e8d30106f3992247b139117572d31dd5736e9014de6dfd55d5825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:3f5ba7c017835bfca96da134b517cf1d82dbd7e463498396b1b2eb49e24ed19a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:a2a167f59783ca402118fe35ea5fefbf457e01b64836f8be3be6695aefd76d76_amd64",
"8Base-RHOSE-4.6:openshift4/ose-console-operator@sha256:b28d263a07069a35e9fc8a80374577297238f318c50f0879b0981114df1678a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1691931fb37d997d0348862d615c434fe9b07da94937ba4fd3c6b6be9cddf226_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:1a11e257ec3255cda6b378b09f59701a93d50df2c6f031427472ad3bba77840d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-console@sha256:f52825e9905c926d399cd0b7afbb2b7d0370ae22da0416feac9131d555db0b98_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:54fbeb744b82662fd38c0d301ebaad6ca8983707bc44db7235ead0fb7b95808f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:5b2fde9043203be83ac0a7fe9f0e732ceae0d3b3648a3abffc23b004a6fe2824_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-coredns@sha256:6534e528800d309db55a81d404c5760f73b871f6c4fe09da60a3a0374e36097e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:82758fbc97d9da98f20eddcfb4a8bc279726b97da96263d4c165b404389cb553_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:bf2977762ac3ed255ebe85fe7d376fb45e5b197d6a2ee6b0042b43b6b511ec79_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher@sha256:d2e2e6aed46ea40a71f9f0a6301ba2db38e74be54a5a5fe200f86b6b3c576948_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:7620a40284c0e732b77836333d01205b0d768730923bd84b189baf9b2b1a90e5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:9ead95cbe0804469edee5ad1dbe5129360cda64b3fad3093b1bbb38e0396319e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner@sha256:a96e2e4a62bca22da0b6903c9e20d7c776bd241f13accf51ede88965b232aca8_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:12fe384de71c7621d9061f48afafeed3dc337679a66afd8d0a871e200295a1e5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:cefadd1abf5dc481d509d7d562947c17bd50e97d338a25901875a25a5da6e45f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer@sha256:f1cf12a7cf6b47151b6209a411de8704022a5ee8ce6bf04ae4e01343e7a1767d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:0531ff2ccf0ddea76e42cc9951470528bbd7def094884bc569f660376798f40a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:2ac43ab29f1ae54b07cd6e241d30bdf871a39688aa50bc345a7b2bbd5ab03a7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter@sha256:dc4d40d128ee3d346bc41b65cd26db9aea70a4a220a6ad42d8e34d19dc588a46_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:1dcc413b621958f97dfbb3fc998a9e225ef155a80ffb151eb4694bf8370b383a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:78e351661c480c8de80cfe2abe529d2186b06c231013dcf9918ef470725db10e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe@sha256:c29e70f4cb3f2c48655f9355655d166242bfec4fe69b3bf79f0ad884221b1ff0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:1f5150f4085ab4fbd08bc77b6153315b6cd62c1aa3703a41c66252e878d2e01f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:6cdaecd5dd9df8fd74529be7fa5d8973daf6f4ea95be8acfb2f5ac97773ebe67_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar@sha256:94792e69ee3b69ca5469daed1efda56f9c42a14021be4b9e4709fbdd2c12451c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:7c210086c35b34c4da4f6efb95c53d65a8a09b2bc4495a454e8de2bb6b970196_s390x",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:ce56bba027392cd90d5807ec90e87de76b0a544ae9efd14f33e2362e0c5169de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller@sha256:cfe62d81269929501517e75a7d337f7d8fc78ac9a17665adebfef52a2024584d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:09922ec7ae160d64db09eb8544668bf63ac0f49da2eaf613f28505e1b7de0e3e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:938544a404fb4cc42d8082ab8ff06ebf1dbf86a9686662be3913378651375caf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:c1cdf309058dfdb8cf61df7769469c5b68d37ec1aa26587777a31a7540540b84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:2986a09ed686a571312bcb20d648baac46b422efa072f8b68eb41c7996e94610_amd64",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:3f7fabb180fa8a457b57b31f0d1dda040f4ded543c067ac278f2af358bb572dc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder@sha256:da86877ecdac64e75ea6a606a30a7daf2f68cb7404820b925bf7e636dafff70d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:547595298ece82d090eff326fc2183ce3cc770b4fccb2066e9b53de709d9fd84_s390x",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:61b3bd3f81fbe2a28a1cf61b9f6459d19995a8bed705230d66461fb1c2dbfabb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry@sha256:f86db3170270fc635dff0d7f1ba6e79a8f45de7e1dcfa5621474d1f6e07352ec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:46bbd064021e680af30614e11a71bb5c9d134d75bb42d8342f177abf6cddd50a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:600650f9d071b2b05288bb65495179c281cfe2221ac8285460f5eebeae7393f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:99c1be5e668a1eca2bc1be366b78e6ee26aff424e13a54f23c43e9d22f9ae77f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:25ce82e8c5117ccfc7ca6edd84faeadfd72a4298dcb78bfc964e3f633f65837e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:a8214df42df962b965e3f4daad0b61932235e57241160861e503d84e38b775d5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-etcd@sha256:ed67f565a5d175686d5e73aedded98b8ecb7f0c7d631b6c204624ca6cde3d3a5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:1a5551f9325b0b77e9289e3222ca71ed26056229d328f58aa2a894b715acdfee_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8@sha256:af009062907bdf0c0ed59e40515e3576f9216b79fb2fe80e154d528d928d040f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:8248dec0d94b2928aa4d63a22973d9a8f8f173a1431b2ab4ad15fdfe80283d7c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:bdc7ce24fe3415b842383b724a7b047e57c0b4d9c6a337d7e37ec3a0240ae3aa_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-grafana@sha256:d5ada30dc820a3de1427f254c135a99ca536967468a2226460280762df0bfb51_s390x",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:1b92afa99776b34acf3914be637b0b3f87183ea356e002374a346f743d0fbee9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:30094a2d586aa282d85e14f1be19abec1c30ce431673377b0e1c12d83e6bac8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube@sha256:b40632149ed909c2e31a17a02a3be398dafe0a4a98155ed32ba26e325d59bd6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:1cb288910131721f331cdcc9becdaf80079f5fa9463d2542dbb3486b8c24aeb2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:3f206c2ca0472d318ed03d164c7c1502796974da881136060677154bc5432415_amd64",
"8Base-RHOSE-4.6:openshift4/ose-installer@sha256:9ed644315d09cb234ef7d2c320d90320f90acab4e7cd02b1edecd1dd70803b27_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:a83f489e6dfed3eb6ce278d258b38495fdc2aa859479cbc650f39ff9bcd20d5a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c2d3f4a903bdbec0886b75307a245fc7026c6d565fa84d8f3cb4045d98e73807_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy@sha256:c75977f28becdf4f7065cfa37233464dd31208b1767e620c4f19658f53f8ff8c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4f083e19d266d8f4ad99291611a6be61a386baf3fa6c3c91a870e36ce78f224f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:a1aaf99f2ed745c5353d9fc715fa8e9111f42165e3012fad73640c438ba6aa6f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8@sha256:db37cb205d439f2f41460c1a999e5a1658d5d4c712da205d1bfc541ed6c8802b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:2bac48ef1a315044b613748bc658d1c845ab1abea39532e09d3889eb7953de48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:38b6fc60b4f2523ba62d608bde564e33a997ec95061d1cb5ef7d4eab33e811a7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:4a46e3747dc06988cd1829a7894c8659fee871f8748169642427b736e13449a8_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:0b9d098e883a6cb424d53adfd20dabbc69166b1469711c335761582853556f7f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:ca154447f53eacc9e75593f387332ed678955f0c765a48a86a7416db487c6327_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:d0383d0a12c1e466fd174b88794d7c711d7f83825ec0a865b6e7cdf7b996e2ee_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:29e4182964e31acb6a337f79f4c498f17af512c53275e326f5d93e99cb7f52e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:50ea07b9c9d7133070d2b6a00b0bbe36a516339b5f0b5bb3209414e00ba90c4c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:f1d35f3cbac7daf880e610e4a5c74d3f02a5bf6b5390a025b2052cd5aeb5ac34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:7ff6f0b05fe8745da0f05859a1b47963fbde2fedcc2c1ff62a58ab328cd3e5a4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8923050603588c27d79b33b371afb651288470d5cdeb14f8e10249bca1a1c461_amd64",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator@sha256:8ba570265280d760cf6e054cc57ebce8a4d23cf0a4a6ea907d30ab20b1403bc6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:1feb5f55be6515748434e85d964b598e23713052178b9f20ecb8ec90622dfa92_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:6792231e4d68c0ecb99fb6a6b84ac440bdb7b39a6ac2e6301e2ef1e7a42bf49b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8@sha256:8715ccc988da9ae0b87a968f3446126d40285253cabc66a00cdb4229bd8b7d20_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:5ee61f34c2b93b177421cac8113fce5a224313baf2a3556117e398cd0ff98ccc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:9c98ed359166dc561c5263f6d17bf405337c0dab4b863f8d46717425821ce5b6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:1f9b5cdad6b99d6600bd2cc8a84c1e437c8331f5dab751661346a3da5e4e4cd0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:692e5fbf1bfd423fcd070710827d250ba90f2a9b3a83d5733f5409623a97a279_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller@sha256:92feaeb8763ece68147b522bfa8914bcd429e9825185b9b9c05247ad2857d03f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:575315a7ef56d3dd79cc3168e2da0402c26513fa52f9fb58419926d49d1acab7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:8f4882cff3c2f9521215eac681c5abda42876e3e955431c1387fb457940b8344_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni@sha256:f5fcb42944c53576b6de1ef5ef0bfb80b897436da0ceeafa479f60de970f3d90_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:2aa932d65ba26e1b3d43f2f6dfd449340d8af58e7e17bc760eff377b3fbad3e9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:71051bdf1b96c953fc1dfd48359915bf5c027613de6f5e2fa8adeea8d3dda311_amd64",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8@sha256:f149203f2c9f3234af24a36fecc268db4cc24bdf88f03873ede0133b518c5352_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:09bb788108857b012667b33f6425c020c23d709d31290d2bb7a38bdca784e6eb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:438853b35d2b83ede099cdc3a99af125831af40f7eb25fed9bf2dcaaa73f4142_s390x",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6bada08687c20afe316c1f8cf76f001f31bedae317f256f3df3affaa5d0dc25e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:b266b64b19c9cec6c90d3f44ad0f91a25047096de100a3d473d6ce4dbc538b31_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:cf565b2fab365e027962a25a8cffb41aa35cb5a00d001e081d53c7fed5a0c54b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8@sha256:e14c842685cd54d9ceb6430ef19264e31b0dd7427d35ff91cf7adb22588ca2b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:65206861218064576dc092040e9c24b0393b8a07502e351f513400f187f38cc7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:818978073b5cbc15db861658c5507fad09a8a23e7de9ced6193a62add25bfa77_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8@sha256:df287b066257b1e807668129d3f6cfc37b1606f9f9b5277a5d4faa9a2541e6e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:12b11e2000b42ce1aaa228d9c1f4c9177395add2fa43835e667b7fc9007e40e6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:9f7135ccec32280c59a06bb10ef65362c36b049c199dff62fbe44a3fcf30531e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy@sha256:c2d130162e860838ec639d20e45a7035b8c32abee4e553cadee5337b583f1227_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:12720291bb0b3f1383b1ebb177fc3bae30e88eb649a15646192f4109f38b0523_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:7584014b0cb8cb2c5a09b909c79f2f8ad6e49854bcfabf72e96a22330bcf6f56_amd64",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8@sha256:9fef759bac42047c95178369ef654c00bf95f537265763c42b08b03fbbc894f3_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:70d12c47a7325ff21f28dce89b3a4669e18f3616851b9938059d073a60bd9bba_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:cd2d195fdf3e6fa112b69de3c9fdcd933b56f24449685ccbffd341798bfe2128_s390x",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8@sha256:dc6a6a1d4a6b2af67421561e53d1af1d40c99ae72de69f4c3cc390d447f12269_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:4103b9efd7738c90c2f3cc9fc51b8ef5bfb3b44c11c8a6b75aa8d9624b6e1ca9_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:ae6a5decd040a6b3adfa074d3211ab92a36b77b2d849962d9a678e1c2c5ef5c1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager@sha256:fee69b61720b1da6e8b9ae1a8d8eb7e5d320cb0aa4780753ff1ff0cea898ad34_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:01626d98c80e44e0cd3a522ad019eb236e39c30b0dfff0ac5a6fa98686159286_amd64",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:074d537eaec94a9036b80aa532c7af708387590643e0bbfd588e2ae0f48b3b61_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace@sha256:9fde1473f9638dfbb874edd583ba62338ad0c448d6e67d07e2c58deb9b967ba6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:2f25f264fcead905730117c57a7ab412deeefe86de46ae50ab275aa6eaaa5b6f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:611928fa6488da3595ab5fe2f9c4ae3f7b6ae733a5230596f41d78d9f962a701_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry@sha256:cf4f2d5c38d111332a5b5c34bb849af1dbb9454a7fdaeb948eebcaeaf54e750a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:167af95fa836ca3261e8c42bdce1350ce108878026ff24f0f9b977f092a75c14_s390x",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:3d0361f380abf5252b1b640e3ceaaab8274e2af8cdb605b20b513a1a44b3a4dc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-prometheus@sha256:58985a62b8c03775daf07ac34b4eb388a8580764e02e81161a417d0317068626_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:03e79580c44127b674e26ed7e862af0455bcc24cf57dc7b89521abbc767a2987_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:51be85895ecc556a9c20f375c474c124d0f223ad389e32b92bb01d76b7a637d9_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c52aecac9bafd116fa4d396fa33063531032ceefa0f5dff840924f2eeb97b885_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:26a3222b3ea873a0058d9051dd4eed5fb854d9ec55b1abbe60be3bd62369ca9e_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:351c87d233640b37cabfb501815dc984531d9a40136579c01284f510da50a225_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:6d0680d08dc677257d2cc1e3b2567b37e9897b9545ec8f787519898481087c93_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:357e35286fd26fed015c03a9c451f6fdcf61cf0821d959025e7f800e7c533f29_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:5069cdbbdbf1df8fdabad40eb4a9e5d42c7f3d819a1c5b79f61bdb06af5f9972_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator@sha256:690701d72b67b77031d9f7c324a809020aa3bfe0f4e79f9836d6f94b27b4076f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2c31cab007643542acb715e54fd018124ede6bec6f2bfe1fa6836942674dd97d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:86e6c11baa3e622bf7bb86303c8974234cadea61d43648af0073bfe946d834aa_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:b2d25652042ba5704e02f8282d7f118d176908f30a2ebe83ac471d3a4daf96ea_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:5670a38e6f6c57cdee99fcf3d6cde967d130b9ef291971375f83cda4636468cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:73364cccb4895f5627eca48c040f741028853bbed89676e81f9a682fb7a02ebe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ac4af55c3b49b6239d4230791fa6b3e9158915511c504150543678f4316753fa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:00e74b3ea8c217f688c8970c8842023b5a7e79fc1efa7a76b20058a6ccdf77f4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c9dc26bf9cdc0e39af7fe9053c6beed6c6bca081c1148232640f9dca05e22b76_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:fea1077d7f1a8cdf3bde0e7d81a9626e3ab982efc32f2afae1449cd7e038765e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:637c806260d93ce47cd67920c88ec3a7b4097749496e8b65adcc3575efe3a89c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:836bd487919e6739ee0f640a553b22129a833f1528bd03b5db728a58216628b4_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:e9f4193a25cc3aef17780bbb1a2f54b31d57e34e01c59fb58ced2443c372278f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:309209d2962c3eda51bef2d30954d17aaa70e3337ecb6819ec2a4415bfb041c6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:712f5587b13f4073a0a7453d3a641de37fee98d9c64c3f4137668a8437455655_amd64",
"8Base-RHOSE-4.6:openshift4/ose-tests@sha256:75e72530f98984cef463c116ec4144dd249ae27fb58eb70038961b7e811cf843_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function"
}
]
}
RHSA-2023:0552
Vulnerability from csaf_redhat - Published: 2023-01-31 13:15 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0552",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23926",
"url": "https://issues.redhat.com/browse/JBEAP-23926"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0552.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2026-01-08T09:44:23+00:00",
"generator": {
"date": "2026-01-08T09:44:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:0552",
"initial_release_date": "2023-01-31T13:15:22+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHBA-2019:1570
Vulnerability from csaf_redhat - Published: 2019-06-20 14:47 - Updated: 2026-01-08 09:44Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1570",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"category": "external",
"summary": "1710688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710688"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1570.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4",
"tracking": {
"current_release_date": "2026-01-08T09:44:03+00:00",
"generator": {
"date": "2026-01-08T09:44:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHBA-2019:1570",
"initial_release_date": "2019-06-20T14:47:51+00:00",
"revision_history": [
{
"date": "2019-06-20T14:47:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-20T14:47:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2023:1045
Vulnerability from csaf_redhat - Published: 2023-03-01 21:45 - Updated: 2026-01-08 11:39Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9
Notes
Topic
New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1045",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1045.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9",
"tracking": {
"current_release_date": "2026-01-08T11:39:48+00:00",
"generator": {
"date": "2026-01-08T11:39:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:1045",
"initial_release_date": "2023-03-01T21:45:17+00:00",
"revision_history": [
{
"date": "2023-03-01T21:45:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:45:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:39:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el9sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"relates_to_product_reference": "9Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"relates_to_product_reference": "9Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"relates_to_product_reference": "9Base-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2021:4142
Vulnerability from csaf_redhat - Published: 2021-11-09 17:49 - Updated: 2025-11-21 18:26Summary
Red Hat Security Advisory: pcs security, bug fix, and enhancement update
Notes
Topic
An update for pcs is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
The following packages have been upgraded to a later upstream version: pcs (0.10.10). (BZ#1935594)
Security Fix(es):
* jquery: Cross-site scripting (XSS) via <script> HTML tags containing whitespaces (CVE-2020-7656)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nThe following packages have been upgraded to a later upstream version: pcs (0.10.10). (BZ#1935594)\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces (CVE-2020-7656)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4142",
"url": "https://access.redhat.com/errata/RHSA-2021:4142"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/"
},
{
"category": "external",
"summary": "1290830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290830"
},
{
"category": "external",
"summary": "1432097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432097"
},
{
"category": "external",
"summary": "1678273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678273"
},
{
"category": "external",
"summary": "1690419",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690419"
},
{
"category": "external",
"summary": "1720221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720221"
},
{
"category": "external",
"summary": "1759995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759995"
},
{
"category": "external",
"summary": "1841019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841019"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "1850119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850119"
},
{
"category": "external",
"summary": "1854238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854238"
},
{
"category": "external",
"summary": "1872378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872378"
},
{
"category": "external",
"summary": "1885293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885293"
},
{
"category": "external",
"summary": "1885302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885302"
},
{
"category": "external",
"summary": "1896458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896458"
},
{
"category": "external",
"summary": "1909901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909901"
},
{
"category": "external",
"summary": "1922996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922996"
},
{
"category": "external",
"summary": "1927384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927384"
},
{
"category": "external",
"summary": "1927394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927394"
},
{
"category": "external",
"summary": "1930886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930886"
},
{
"category": "external",
"summary": "1935594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935594"
},
{
"category": "external",
"summary": "1984901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984901"
},
{
"category": "external",
"summary": "1991654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991654"
},
{
"category": "external",
"summary": "1992668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992668"
},
{
"category": "external",
"summary": "1998454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998454"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4142.json"
}
],
"title": "Red Hat Security Advisory: pcs security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:26:10+00:00",
"generator": {
"date": "2025-11-21T18:26:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2021:4142",
"initial_release_date": "2021-11-09T17:49:34+00:00",
"revision_history": [
{
"date": "2021-11-09T17:49:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-09T17:49:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:26:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.10-4.el8.src",
"product": {
"name": "pcs-0:0.10.10-4.el8.src",
"product_id": "pcs-0:0.10.10-4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.10-4.el8.aarch64",
"product": {
"name": "pcs-0:0.10.10-4.el8.aarch64",
"product_id": "pcs-0:0.10.10-4.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.10-4.el8.aarch64",
"product": {
"name": "pcs-snmp-0:0.10.10-4.el8.aarch64",
"product_id": "pcs-snmp-0:0.10.10-4.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.10-4.el8.ppc64le",
"product": {
"name": "pcs-0:0.10.10-4.el8.ppc64le",
"product_id": "pcs-0:0.10.10-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.10-4.el8.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.10-4.el8.ppc64le",
"product_id": "pcs-snmp-0:0.10.10-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.10-4.el8.x86_64",
"product": {
"name": "pcs-0:0.10.10-4.el8.x86_64",
"product_id": "pcs-0:0.10.10-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.10-4.el8.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.10-4.el8.x86_64",
"product_id": "pcs-snmp-0:0.10.10-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.10-4.el8.s390x",
"product": {
"name": "pcs-0:0.10.10-4.el8.s390x",
"product_id": "pcs-0:0.10.10-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.10-4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.10-4.el8.s390x",
"product": {
"name": "pcs-snmp-0:0.10.10-4.el8.s390x",
"product_id": "pcs-snmp-0:0.10.10-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.10-4.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64"
},
"product_reference": "pcs-0:0.10.10-4.el8.aarch64",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le"
},
"product_reference": "pcs-0:0.10.10-4.el8.ppc64le",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x"
},
"product_reference": "pcs-0:0.10.10-4.el8.s390x",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.src as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src"
},
"product_reference": "pcs-0:0.10.10-4.el8.src",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64"
},
"product_reference": "pcs-0:0.10.10-4.el8.x86_64",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.aarch64",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.ppc64le",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.s390x",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 8)",
"product_id": "HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.x86_64",
"relates_to_product_reference": "HighAvailability-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64"
},
"product_reference": "pcs-0:0.10.10-4.el8.aarch64",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le"
},
"product_reference": "pcs-0:0.10.10-4.el8.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x"
},
"product_reference": "pcs-0:0.10.10-4.el8.s390x",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.src as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src"
},
"product_reference": "pcs-0:0.10.10-4.el8.src",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64"
},
"product_reference": "pcs-0:0.10.10-4.el8.x86_64",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.aarch64",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.s390x as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.s390x",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.10-4.el8.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 8)",
"product_id": "ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.10-4.el8.x86_64",
"relates_to_product_reference": "ResilientStorage-8.5.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:49:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4142"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-7656",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850119"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jquery in versions prior to 1.9.0. A cross-site scripting attack is possible as the load method fails to recognize and remove \"\u003cscript\u003e\" HTML tags that contain a whitespace character which results in the enclosed script logic to be executed. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux version 6, 7 and 8 ship a vulnerable version of JQuery in the `pcs` component. However the vulnerable has not been found to be exploitable in reasonable scenarios. A future update may update JQuery to a fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7656"
},
{
"category": "external",
"summary": "RHBZ#1850119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7656",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7656"
}
],
"release_date": "2020-05-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:49:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4142"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting (XSS) via \u003cscript\u003e HTML tags containing whitespaces"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:49:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4142"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"HighAvailability-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"HighAvailability-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.src",
"ResilientStorage-8.5.0.GA:pcs-0:0.10.10-4.el8.x86_64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.aarch64",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.ppc64le",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.s390x",
"ResilientStorage-8.5.0.GA:pcs-snmp-0:0.10.10-4.el8.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
}
]
}
RHSA-2020:4670
Vulnerability from csaf_redhat - Published: 2020-11-04 01:31 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update
Notes
Topic
An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nThe following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4670",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1430365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430365"
},
{
"category": "external",
"summary": "1488732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488732"
},
{
"category": "external",
"summary": "1585020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585020"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1651577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651577"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701233"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1746830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746830"
},
{
"category": "external",
"summary": "1750893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750893"
},
{
"category": "external",
"summary": "1751295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751295"
},
{
"category": "external",
"summary": "1757045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757045"
},
{
"category": "external",
"summary": "1759888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759888"
},
{
"category": "external",
"summary": "1768156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768156"
},
{
"category": "external",
"summary": "1777806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777806"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1801698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801698"
},
{
"category": "external",
"summary": "1802471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802471"
},
{
"category": "external",
"summary": "1809835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809835"
},
{
"category": "external",
"summary": "1810154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810154"
},
{
"category": "external",
"summary": "1810179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810179"
},
{
"category": "external",
"summary": "1813330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813330"
},
{
"category": "external",
"summary": "1816784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816784"
},
{
"category": "external",
"summary": "1818765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818765"
},
{
"category": "external",
"summary": "1818877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818877"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1831732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831732"
},
{
"category": "external",
"summary": "1831935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831935"
},
{
"category": "external",
"summary": "1832331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832331"
},
{
"category": "external",
"summary": "1833266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833266"
},
{
"category": "external",
"summary": "1834264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834264"
},
{
"category": "external",
"summary": "1834909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834909"
},
{
"category": "external",
"summary": "1845211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845211"
},
{
"category": "external",
"summary": "1845537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845537"
},
{
"category": "external",
"summary": "1845596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845596"
},
{
"category": "external",
"summary": "1846352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846352"
},
{
"category": "external",
"summary": "1846434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846434"
},
{
"category": "external",
"summary": "1847999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847999"
},
{
"category": "external",
"summary": "1849914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849914"
},
{
"category": "external",
"summary": "1851411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851411"
},
{
"category": "external",
"summary": "1852244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852244"
},
{
"category": "external",
"summary": "1853263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853263"
},
{
"category": "external",
"summary": "1857157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857157"
},
{
"category": "external",
"summary": "1858318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858318"
},
{
"category": "external",
"summary": "1859213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859213"
},
{
"category": "external",
"summary": "1863079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863079"
},
{
"category": "external",
"summary": "1863616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863616"
},
{
"category": "external",
"summary": "1866291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866291"
},
{
"category": "external",
"summary": "1866938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866938"
},
{
"category": "external",
"summary": "1868432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868432"
},
{
"category": "external",
"summary": "1869311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869311"
},
{
"category": "external",
"summary": "1870202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870202"
},
{
"category": "external",
"summary": "1874015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874015"
},
{
"category": "external",
"summary": "1875348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875348"
},
{
"category": "external",
"summary": "1879604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879604"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4670.json"
}
],
"title": "Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-01-08T09:44:17+00:00",
"generator": {
"date": "2026-01-08T09:44:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2020:4670",
"initial_release_date": "2020-11-04T01:31:18+00:00",
"revision_history": [
{
"date": "2020-11-04T01:31:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:31:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src (idm:DL1)",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src (idm:DL1)",
"product_id": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"product": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src (idm:DL1)",
"product_id": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"product": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src (idm:DL1)",
"product_id": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src (idm:DL1)",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src (idm:DL1)",
"product_id": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"product": {
"name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src (idm:DL1)",
"product_id": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src (idm:DL1)",
"product_id": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src (idm:DL1)",
"product_id": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src (idm:DL1)",
"product_id": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src (idm:DL1)",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src (idm:DL1)",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"product": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src (idm:client)",
"product_id": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"product": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src (idm:client)",
"product_id": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src (idm:client)",
"product_id": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src (idm:client)",
"product_id": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src (idm:client)",
"product_id": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src (idm:client)",
"product_id": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 (idm:DL1)",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 (idm:DL1)",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 (idm:DL1)",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 (idm:DL1)",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1)",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1)",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1)",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1)",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1)",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"product": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch (idm:DL1)",
"product_id": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"product": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch (idm:DL1)",
"product_id": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product": {
"name": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1)",
"product_id": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaserver@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"product": {
"name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch (idm:DL1)",
"product_id": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch (idm:DL1)",
"product_id": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client)",
"product_id": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client)",
"product_id": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"product": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch (idm:client)",
"product_id": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client)",
"product_id": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client)",
"product_id": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client)",
"product_id": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client)",
"product_id": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch (idm:client)",
"product_id": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch (idm:client)",
"product_id": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch (idm:client)",
"product_id": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch (idm:client)",
"product_id": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch (idm:client)",
"product_id": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x (idm:DL1)",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x (idm:DL1)",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x (idm:DL1)",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x (idm:DL1)",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1)",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1)",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1)",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1)",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1)",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le (idm:DL1)",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le (idm:DL1)",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le (idm:DL1)",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le (idm:DL1)",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1)",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1)",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1)",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1)",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1)",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 (idm:DL1)",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 (idm:DL1)",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 (idm:DL1)",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 (idm:DL1)",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1)",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1)",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1)",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1)",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1)",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client)",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client)",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client)",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client)",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client)",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client)",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1"
},
"product_reference": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1"
},
"product_reference": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client"
},
"product_reference": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client"
},
"product_reference": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client"
},
"product_reference": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1"
},
"product_reference": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1"
},
"product_reference": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client"
},
"product_reference": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1"
},
"product_reference": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client"
},
"product_reference": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client"
},
"product_reference": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client"
},
"product_reference": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1"
},
"product_reference": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client"
},
"product_reference": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1"
},
"product_reference": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1"
},
"product_reference": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client"
},
"product_reference": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1"
},
"product_reference": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client"
},
"product_reference": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client"
},
"product_reference": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client"
},
"product_reference": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1"
},
"product_reference": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client"
},
"product_reference": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1"
},
"product_reference": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client"
},
"product_reference": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client"
},
"product_reference": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client"
},
"product_reference": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1"
},
"product_reference": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client"
},
"product_reference": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1"
},
"product_reference": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client"
},
"product_reference": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x::idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x::idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src::idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x::idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch::idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch::idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch::idm:client",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src::idm:DL1",
"AppStream-8.3.0.GA:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src::idm:client",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x::idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src::idm:DL1",
"AppStream-8.3.0.GA:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x::idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64::idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
RHSA-2019:1456
Vulnerability from csaf_redhat - Published: 2019-06-11 15:32 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)
* picketlink: URL injection via xinclude parameter (CVE-2019-3873)
* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)
* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)\n\n* picketlink: URL injection via xinclude parameter (CVE-2019-3873)\n\n* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1456",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1456.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update",
"tracking": {
"current_release_date": "2026-01-08T09:44:13+00:00",
"generator": {
"date": "2026-01-08T09:44:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2019:1456",
"initial_release_date": "2019-06-11T15:32:12+00:00",
"revision_history": [
{
"date": "2019-06-11T15:32:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-11T15:32:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product": {
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product_id": "Red Hat Single Sign-On 7.3.2 zip",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-3872",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1688966"
}
],
"notes": [
{
"category": "description",
"text": "It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: reflected XSS in SAMLRequest via RelayState parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3872"
},
{
"category": "external",
"summary": "RHBZ#1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: reflected XSS in SAMLRequest via RelayState parameter"
},
{
"cve": "CVE-2019-3873",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1689014"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: URL injection via xinclude parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3873"
},
{
"category": "external",
"summary": "RHBZ#1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: URL injection via xinclude parameter"
},
{
"acknowledgments": [
{
"names": [
"Marek Posolda"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3875",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2019-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1690628"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols (\u0027http\u0027 or \u0027ldap\u0027) and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn\u0027t validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: missing signatures validation on CRL used to verify client certificates",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3875"
},
{
"category": "external",
"summary": "RHBZ#1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875"
}
],
"release_date": "2019-06-11T14:22:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: missing signatures validation on CRL used to verify client certificates"
},
{
"acknowledgments": [
{
"names": [
"Carter Kozak"
]
}
],
"cve": "CVE-2019-3888",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1693777"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3888"
},
{
"category": "external",
"summary": "RHBZ#1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888"
}
],
"release_date": "2019-06-10T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-10157",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2019-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702953"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Keycloak\u0027s Node.js adapter did not properly verify the web token received from the server in its backchannel logout. An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10157"
},
{
"category": "external",
"summary": "RHBZ#1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10157",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157"
}
],
"release_date": "2019-06-11T14:23:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS."
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2020:2412
Vulnerability from csaf_redhat - Published: 2020-07-13 17:22 - Updated: 2026-01-08 12:09Summary
Red Hat Security Advisory: OpenShift Container Platform 4.5 container image security update
Notes
Topic
An update is now available for Red Hat OpenShift Container Platform 4.5.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allowed for panic (CVE-2020-9283)
* kubernetes: Denial of service in API server via crafted YAML payloads by authorized users (CVE-2019-11254)
* js-jquery: prototype pollution in object's prototype led to denial of service or remote code execution or property injection (CVE-2019-11358)
* kubernetes: node localhost services reachable via martian packets (CVE-2020-8558)
* containernetworking/plugins: IPv6 router advertisements allowed for MitM attacks on IPv4 clusters (CVE-2020-10749)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Container Platform 4.5.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allowed for panic (CVE-2020-9283)\n\n* kubernetes: Denial of service in API server via crafted YAML payloads by authorized users (CVE-2019-11254)\n\n* js-jquery: prototype pollution in object\u0027s prototype led to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* kubernetes: node localhost services reachable via martian packets (CVE-2020-8558)\n\n* containernetworking/plugins: IPv6 router advertisements allowed for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2412",
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "1819486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819486"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1833220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833220"
},
{
"category": "external",
"summary": "1843358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843358"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2412.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.5 container image security update",
"tracking": {
"current_release_date": "2026-01-08T12:09:44+00:00",
"generator": {
"date": "2026-01-08T12:09:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2020:2412",
"initial_release_date": "2020-07-13T17:22:28+00:00",
"revision_history": [
{
"date": "2020-07-13T17:22:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-13T17:22:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T12:09:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.5",
"product": {
"name": "Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.5::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.5.0-202007012112.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"product": {
"name": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"product_id": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-cni\u0026tag=v4.5.0-202007012112.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64",
"product": {
"name": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64",
"product_id": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-server-rhel7\u0026tag=v4.5.0-202007012112.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.5.0-202007012112.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"product": {
"name": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"product_id": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.5.0-202007012112.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"product": {
"name": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"product_id": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube\u0026tag=v4.5.0-202007100518.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"product": {
"name": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"product_id": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-machine-approver\u0026tag=v4.5.0-202007012112.p0"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64"
},
"product_reference": "openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
},
"product_reference": "openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64"
},
"product_reference": "openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64"
},
"product_reference": "openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
},
"product_reference": "openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11252",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860158"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Kubernetes that allows the logging of credentials when mounting AzureFile and CephFS volumes. This flaw allows an attacker to access kubelet logs, read the credentials, and use them to access other services. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) included the upstream patch for this flaw in the release of version 4.5. Prior versions are affected as OCP 4 supports AzureFile volumes and OCP 3 supports both AzureFile and CephFS volumes. OCP clusters not using these volume types are not vulnerable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11252"
},
{
"category": "external",
"summary": "RHBZ#1860158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11252",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11252"
}
],
"release_date": "2020-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes"
},
{
"cve": "CVE-2019-11254",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1819486"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The upstream Kubernetes fix for this vulnerability is to update the version of the Go dependency, gopkg.in/yaml.v2. This issue affects OpenShift Container Platform components that use versions before 2.2.8 of gopkg.in/yaml.v2 and accept YAML payloads.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11254"
},
{
"category": "external",
"summary": "RHBZ#1819486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819486"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11254",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11254"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wuwEwZigXBc"
}
],
"release_date": "2020-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "workaround",
"details": "Prevent unauthenticated or unauthorized access to the API server",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Denial of service in API server via crafted YAML payloads by authorized users"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Yuval Avrahami",
"Ariel Zelivansky"
],
"organization": "Palo Alto Networks",
"summary": "Acknowledged by upstream."
},
{
"names": [
"J\u00e1nos K\u00f6v\u00e9r"
],
"organization": "Ericsson",
"summary": "Acknowledged by upstream."
},
{
"names": [
"Rory McCune"
],
"organization": "NCC Group",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8558",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2020-05-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1843358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Kubernetes that allows attackers on adjacent networks to reach services exposed on localhost ports, previously thought to be unreachable. This flaw allows an attacker to gain privileges or access confidential information for any services listening on localhost ports that are not protected by authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: node localhost services reachable via martian packets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform does not expose the API server on a localhost port without authentication. The only service exposed on a localhost port not protected by authentication is Metrics, which exposes some cluster metadata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8558"
},
{
"category": "external",
"summary": "RHBZ#1843358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8558"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE"
}
],
"release_date": "2020-07-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: node localhost services reachable via martian packets"
},
{
"cve": "CVE-2020-9283",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2020-02-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1804533"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9283"
},
{
"category": "external",
"summary": "RHBZ#1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY",
"url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY"
}
],
"release_date": "2020-02-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic"
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Etienne Champetier"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-10749",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2020-05-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1833220"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending \u201crogue\u201d IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform 4, the default network plugin, OpenShift SDN, and OVN Kubernetes, do not forward IPv6 traffic, making this vulnerability not exploitable. The affected code from containernetworking/plugins is however still included in these plugins, hence this vulnerability is rated Low for both OpenShift SDN and OVN-Kubernetes.\n\nIPv6 traffic is not forwarded by the OpenShift SDN in OpenShift Container Platform 3.11, making this vulnerability not exploitable. However, the affected code from containernetworking/plugins is still included in the atomic-openshift package, hence this vulnerability is rated Low for OpenShift Container Platform 3.11.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10749"
},
{
"category": "external",
"summary": "RHBZ#1833220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10749",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8"
}
],
"release_date": "2020-06-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "workaround",
"details": "Prevent untrusted, non-privileged containers from running with CAP_NET_RAW.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-13T17:22:28+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for release 4.5.1, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-capacity@sha256:d5e08d20c26a06ba87da356e9d2214b3c2a9b0f95b7e38028afbd8bb48b1ca92_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-logging-operator@sha256:ba8d0825e4a292d16eae81a02bc24bb069ed547e9d1910449746cf0a643d2fe2_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-cluster-machine-approver@sha256:42c4d1b8d4597b6d36f0d38579484bfeae16bbbdcf08801405ee19e6758a361d_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:9b3eae3982cbfe287635f85a3eecf9aabdb233d3e6c8df725190e214d4521034_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-hyperkube@sha256:4e2b3627fe571bc63d57290cf96b914d45ebe2e0efe0b14bd3530fd34e7b288c_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-multus-cni@sha256:2a2674e5f2422cb2f1c61299cbd5a72576161d12707f86b5131e46c13d5f33e3_amd64",
"7Server-RH7-RHOSE-4.5:openshift4/ose-oauth-server-rhel7@sha256:143209653c725c16da6312e1cc7cc1a8c6ac634aee1eb6d5d52c31244cadc6df_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
}
]
}
RHSA-2023:0554
Vulnerability from csaf_redhat - Published: 2023-01-31 13:15 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0554",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23928",
"url": "https://issues.redhat.com/browse/JBEAP-23928"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0554.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2026-01-08T09:44:20+00:00",
"generator": {
"date": "2026-01-08T09:44:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:0554",
"initial_release_date": "2023-01-31T13:15:23+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHSA-2023:1043
Vulnerability from csaf_redhat - Published: 2023-03-01 22:02 - Updated: 2026-01-08 11:39Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7
Notes
Topic
New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1043",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1043.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7",
"tracking": {
"current_release_date": "2026-01-08T11:39:47+00:00",
"generator": {
"date": "2026-01-08T11:39:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:1043",
"initial_release_date": "2023-03-01T22:02:40+00:00",
"revision_history": [
{
"date": "2023-03-01T22:02:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T22:02:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:39:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el7sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2023:0553
Vulnerability from csaf_redhat - Published: 2023-01-31 13:12 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0553",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23927",
"url": "https://issues.redhat.com/browse/JBEAP-23927"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0553.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2026-01-08T09:44:24+00:00",
"generator": {
"date": "2026-01-08T09:44:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:0553",
"initial_release_date": "2023-01-31T13:12:13+00:00",
"revision_history": [
{
"date": "2023-01-31T13:12:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:12:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHSA-2019:3023
Vulnerability from csaf_redhat - Published: 2019-10-10 15:38 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update
Notes
Topic
An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3023",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1752576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752576"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3023.json"
}
],
"title": "Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update",
"tracking": {
"current_release_date": "2026-01-08T09:44:14+00:00",
"generator": {
"date": "2026-01-08T09:44:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2019:3023",
"initial_release_date": "2019-10-10T15:38:32+00:00",
"revision_history": [
{
"date": "2019-10-10T15:38:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-10T15:38:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2020:5581
Vulnerability from csaf_redhat - Published: 2020-12-16 13:56 - Updated: 2025-11-21 18:19Summary
Red Hat Security Advisory: python-XStatic-jQuery security update
Notes
Topic
An update for python-XStatic-jQuery is now available for Red Hat OpenStack
Platform 13 (Queens).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
python-XStatic-jQuery is the jQuery javascript library packaged for
Python's setuptools
Security Fix(es):
* Prototype pollution in object's prototype leading to denial of service
remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-XStatic-jQuery is now available for Red Hat OpenStack\nPlatform 13 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "python-XStatic-jQuery is the jQuery javascript library packaged for\nPython\u0027s setuptools\n\nSecurity Fix(es):\n\n* Prototype pollution in object\u0027s prototype leading to denial of service\nremote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5581",
"url": "https://access.redhat.com/errata/RHSA-2020:5581"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5581.json"
}
],
"title": "Red Hat Security Advisory: python-XStatic-jQuery security update",
"tracking": {
"current_release_date": "2025-11-21T18:19:17+00:00",
"generator": {
"date": "2025-11-21T18:19:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:5581",
"initial_release_date": "2020-12-16T13:56:27+00:00",
"revision_history": [
{
"date": "2020-12-16T13:56:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-16T13:56:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:19:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0",
"product": {
"name": "Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product": {
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"product": {
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"product_id": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-jQuery@2.2.4.1-3.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"product": {
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"product_id": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-jQuery@2.2.4.1-3.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch"
},
"product_reference": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src"
},
"product_reference": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch"
},
"product_reference": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src"
},
"product_reference": "python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:56:27+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5581"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src",
"7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-jQuery-0:2.2.4.1-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHBA-2020:0402
Vulnerability from csaf_redhat - Published: 2020-02-19 19:55 - Updated: 2025-11-21 17:22Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.170 is now available with
updates to packages and images that fix several bugs.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.170. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2020:0403
This release fixes the following bugs:
* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)
* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)
* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)
* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)
* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)
* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.170 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.170. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0403\n\nThis release fixes the following bugs:\n\n* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)\n\n* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)\n\n* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)\n\n* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)\n\n* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)\n\n* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2020:0402",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"category": "external",
"summary": "1670380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670380"
},
{
"category": "external",
"summary": "1670587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670587"
},
{
"category": "external",
"summary": "1728856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728856"
},
{
"category": "external",
"summary": "1744900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744900"
},
{
"category": "external",
"summary": "1749765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749765"
},
{
"category": "external",
"summary": "1757314",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757314"
},
{
"category": "external",
"summary": "1757938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757938"
},
{
"category": "external",
"summary": "1782695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782695"
},
{
"category": "external",
"summary": "1783764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783764"
},
{
"category": "external",
"summary": "1791667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791667"
},
{
"category": "external",
"summary": "1793628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793628"
},
{
"category": "external",
"summary": "1795930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795930"
},
{
"category": "external",
"summary": "1798365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798365"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0402.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update",
"tracking": {
"current_release_date": "2025-11-21T17:22:18+00:00",
"generator": {
"date": "2025-11-21T17:22:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHBA-2020:0402",
"initial_release_date": "2020-02-19T19:55:22+00:00",
"revision_history": [
{
"date": "2020-02-19T19:55:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-19T19:55:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:22:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product_id": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product": {
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product_id": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.170-1.git.1.227bc98.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product": {
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product_id": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.170-1.git.1.51473b7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product": {
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product_id": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product": {
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product_id": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@3.11.170-1.git.1.7265da1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product_id": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src"
},
"product_reference": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src"
},
"product_reference": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src"
},
"product_reference": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch"
},
"product_reference": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src"
},
"product_reference": "jenkins-0:2.204.2.1580891656-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src"
},
"product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src"
},
"product_reference": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le"
},
"product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64"
},
"product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le"
},
"product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64"
},
"product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le"
},
"product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64"
},
"product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-2099",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797080"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2099"
},
{
"category": "external",
"summary": "RHBZ#1797080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
},
{
"cve": "CVE-2020-2100",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797087"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2100"
},
{
"category": "external",
"summary": "RHBZ#1797087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
},
{
"cve": "CVE-2020-2101",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797084"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2101"
},
{
"category": "external",
"summary": "RHBZ#1797084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
},
{
"cve": "CVE-2020-2102",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797071"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time HMAC comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2102"
},
{
"category": "external",
"summary": "RHBZ#1797071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time HMAC comparison"
},
{
"cve": "CVE-2020-2103",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797062"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2103"
},
{
"category": "external",
"summary": "RHBZ#1797062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
},
{
"cve": "CVE-2020-2104",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797065"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2104"
},
{
"category": "external",
"summary": "RHBZ#1797065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
},
{
"cve": "CVE-2020-2105",
"cwe": {
"id": "CWE-227",
"name": "CWE-227"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797068"
}
],
"notes": [
{
"category": "description",
"text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: REST APIs vulnerable to clickjacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2105"
},
{
"category": "external",
"summary": "RHBZ#1797068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: REST APIs vulnerable to clickjacking"
}
]
}
RHSA-2020:4847
Vulnerability from csaf_redhat - Published: 2020-11-04 01:39 - Updated: 2026-01-08 09:44Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag\u0027s python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4847",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1376706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1376706"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1406505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406505"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1666907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666907"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1706521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706521"
},
{
"category": "external",
"summary": "1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "1721684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721684"
},
{
"category": "external",
"summary": "1724433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724433"
},
{
"category": "external",
"summary": "1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "1732981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732981"
},
{
"category": "external",
"summary": "1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "1805541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805541"
},
{
"category": "external",
"summary": "1817247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817247"
},
{
"category": "external",
"summary": "1821851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821851"
},
{
"category": "external",
"summary": "1822246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822246"
},
{
"category": "external",
"summary": "1824939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824939"
},
{
"category": "external",
"summary": "1824948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824948"
},
{
"category": "external",
"summary": "1825998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825998"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1842734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842734"
},
{
"category": "external",
"summary": "1842736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842736"
},
{
"category": "external",
"summary": "1843537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843537"
},
{
"category": "external",
"summary": "1845447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845447"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "1854043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854043"
},
{
"category": "external",
"summary": "1854959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854959"
},
{
"category": "external",
"summary": "1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "1855319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855319"
},
{
"category": "external",
"summary": "1856368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856368"
},
{
"category": "external",
"summary": "1857933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857933"
},
{
"category": "external",
"summary": "1861911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861911"
},
{
"category": "external",
"summary": "1869893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869893"
},
{
"category": "external",
"summary": "1871064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871064"
},
{
"category": "external",
"summary": "1873235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873235"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json"
}
],
"title": "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-01-08T09:44:17+00:00",
"generator": {
"date": "2026-01-08T09:44:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2020:4847",
"initial_release_date": "2020-11-04T01:39:43+00:00",
"revision_history": [
{
"date": "2020-11-04T01:39:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:39:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T09:44:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"product": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch (pki-deps:10.6)",
"product_id": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"product": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch (pki-deps:10.6)",
"product_id": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"product": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch (pki-deps:10.6)",
"product_id": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"product": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch (pki-deps:10.6)",
"product_id": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch (pki-deps:10.6)",
"product_id": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch (pki-deps:10.6)",
"product_id": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"product": {
"name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch (pki-deps:10.6)",
"product_id": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"product": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch (pki-deps:10.6)",
"product_id": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"product": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch (pki-deps:10.6)",
"product_id": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"product": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch (pki-deps:10.6)",
"product_id": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"product": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch (pki-deps:10.6)",
"product_id": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6)",
"product_id": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"product": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch (pki-core:10.6)",
"product_id": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"product": {
"name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch (pki-core:10.6)",
"product_id": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product": {
"name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6)",
"product_id": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product": {
"name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6)",
"product_id": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product": {
"name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6)",
"product_id": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product": {
"name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6)",
"product_id": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product": {
"name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6)",
"product_id": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product": {
"name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6)",
"product_id": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"product": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch (pki-core:10.6)",
"product_id": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"product": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src (pki-deps:10.6)",
"product_id": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"product": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src (pki-deps:10.6)",
"product_id": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"product": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src (pki-deps:10.6)",
"product_id": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"product": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src (pki-deps:10.6)",
"product_id": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src (pki-deps:10.6)",
"product_id": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"product": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src (pki-deps:10.6)",
"product_id": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"product": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src (pki-deps:10.6)",
"product_id": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"product": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src (pki-deps:10.6)",
"product_id": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"product": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src (pki-deps:10.6)",
"product_id": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6)",
"product_id": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src (pki-core:10.6)",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"product": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src (pki-core:10.6)",
"product_id": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"product": {
"name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src (pki-core:10.6)",
"product_id": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"product": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src (pki-core:10.6)",
"product_id": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6)",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6)",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6)",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6)",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6)",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6)",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6)",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6)",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6)",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6)",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6)",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6)",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6"
},
"product_reference": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6"
},
"product_reference": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6"
},
"product_reference": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6"
},
"product_reference": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6"
},
"product_reference": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6"
},
"product_reference": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6"
},
"product_reference": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6"
},
"product_reference": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6"
},
"product_reference": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6"
},
"product_reference": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6"
},
"product_reference": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6"
},
"product_reference": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6"
},
"product_reference": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6"
},
"product_reference": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6"
},
"product_reference": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6"
},
"product_reference": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6"
},
"product_reference": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6"
},
"product_reference": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6"
},
"product_reference": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6"
},
"product_reference": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6"
},
"product_reference": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6"
},
"product_reference": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6"
},
"product_reference": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6"
},
"product_reference": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6"
},
"product_reference": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6"
},
"product_reference": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6"
},
"product_reference": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6"
},
"product_reference": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6"
},
"product_reference": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6"
},
"product_reference": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
},
"product_reference": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10146",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1710171"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim\u0027s browser.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10146"
},
{
"category": "external",
"summary": "RHBZ#1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10146",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10179",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695901"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10179"
},
{
"category": "external",
"summary": "RHBZ#1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10221",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1732565"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in getcookies?url= endpoint in CA",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10221"
},
{
"category": "external",
"summary": "RHBZ#1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10221",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in getcookies?url= endpoint in CA"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1721",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1777579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1721"
},
{
"category": "external",
"summary": "RHBZ#1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1721",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page"
},
{
"acknowledgments": [
{
"names": [
"@ZeddYu"
],
"organization": "Apache Tomcat Security Team"
}
],
"cve": "CVE-2020-1935",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806835"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight in Red Hat OpenStack 10 \u0026 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1935"
},
{
"category": "external",
"summary": "RHBZ#1806835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1935"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
}
],
"release_date": "2020-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn\u0027t available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"acknowledgments": [
{
"names": [
"Christian Heimes"
]
}
],
"cve": "CVE-2020-15720",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1855273"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PKI, where the dogtag\u0027s pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki: Dogtag\u0027s python client does not validate certificates",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15720"
},
{
"category": "external",
"summary": "RHBZ#1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15720",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720"
}
],
"release_date": "2020-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki: Dogtag\u0027s python client does not validate certificates"
},
{
"cve": "CVE-2020-25715",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1891016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: XSS in the certificate search results",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25715"
},
{
"category": "external",
"summary": "RHBZ#1891016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25715",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715"
}
],
"release_date": "2021-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki-core: XSS in the certificate search results"
},
{
"cve": "CVE-2022-25762",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2085304"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: request mixup",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25762"
},
{
"category": "external",
"summary": "RHBZ#2085304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76"
}
],
"release_date": "2022-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src::pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src::pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x::pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64::pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64::pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch::pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src::pki-core:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch::pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src::pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: request mixup"
}
]
}
RHSA-2023:1044
Vulnerability from csaf_redhat - Published: 2023-03-01 21:45 - Updated: 2026-01-08 11:39Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8
Notes
Topic
New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1044",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1044.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8",
"tracking": {
"current_release_date": "2026-01-08T11:39:49+00:00",
"generator": {
"date": "2026-01-08T11:39:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:1044",
"initial_release_date": "2023-03-01T21:45:12+00:00",
"revision_history": [
{
"date": "2023-03-01T21:45:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:45:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:39:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el8sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"relates_to_product_reference": "8Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"relates_to_product_reference": "8Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"relates_to_product_reference": "8Base-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2023:1049
Vulnerability from csaf_redhat - Published: 2023-03-01 21:58 - Updated: 2026-01-08 11:39Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
* Keycloak Node.js Adapter: Open redirect vulnerability in checkSSO (CVE-2022-2237)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n* Keycloak Node.js Adapter: Open redirect vulnerability in checkSSO (CVE-2022-2237)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1049",
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2097007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097007"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1049.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update",
"tracking": {
"current_release_date": "2026-01-08T11:39:49+00:00",
"generator": {
"date": "2026-01-08T11:39:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:1049",
"initial_release_date": "2023-03-01T21:58:17+00:00",
"revision_history": [
{
"date": "2023-03-01T21:58:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:58:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:39:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7",
"product": {
"name": "Red Hat Single Sign-On 7",
"product_id": "Red Hat Single Sign-On 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Single Sign-On 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Ayta\u00e7 Kal\u0131nc\u0131",
"Ilker Bulgurcu",
"Yasin Y\u0131lmaz"
],
"organization": "NETA\u015e PENTEST TEAM"
}
],
"cve": "CVE-2022-2237",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2097007"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Adapter: Open redirect vulnerability in checkSSO",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported. Therefore, this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2237"
},
{
"category": "external",
"summary": "RHBZ#2097007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097007"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2237"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2237",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2237"
}
],
"release_date": "2023-03-01T13:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Adapter: Open redirect vulnerability in checkSSO"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"cve": "CVE-2022-3782",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-10-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2138971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: path traversal via double URL encoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason Quarkus is marked with Low impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3782"
},
{
"category": "external",
"summary": "RHBZ#2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3782"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: path traversal via double URL encoding"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"Red Hat Single Sign-On 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Red Hat Single Sign-On 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2023:1047
Vulnerability from csaf_redhat - Published: 2023-03-01 21:46 - Updated: 2026-01-08 11:39Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 for OpenShift image security and enhancement update
Notes
Topic
A new image is available for Red Hat Single Sign-On 7.6.2, running on Red
Hat OpenShift Container Platform from the release of 3.11 up to the release
of 4.12.0.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On is an integrated sign-on solution, available as a
Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat
Single Sign-On for OpenShift image provides an authentication server that
you can use to log in centrally, log out, and register. You can also manage
user accounts for web applications, mobile applications, and RESTful web
services.
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* RH-SSO for OpenShift images: unsecured management interface exposed to adjacent network (CVE-2022-4039)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: XSS on izmpersonation under specific circumstances (CVE-2022-1438)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
This erratum releases a new image for Red Hat Single Sign-On 7.6.2 for use
within the Red Hat OpenShift Container Platform (from the release of 3.11
up to the release of 4.12.0) cloud computing Platform-as-a-Service (PaaS)
for on-premise or private cloud deployments, aligning with the standalone
product release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new image is available for Red Hat Single Sign-On 7.6.2, running on Red\nHat OpenShift Container Platform from the release of 3.11 up to the release\nof 4.12.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On is an integrated sign-on solution, available as a\nRed Hat JBoss Middleware for OpenShift containerized image. The Red Hat\nSingle Sign-On for OpenShift image provides an authentication server that\nyou can use to log in centrally, log out, and register. You can also manage\nuser accounts for web applications, mobile applications, and RESTful web\nservices.\n\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* RH-SSO for OpenShift images: unsecured management interface exposed to adjacent network (CVE-2022-4039)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: XSS on izmpersonation under specific circumstances (CVE-2022-1438)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n\nThis erratum releases a new image for Red Hat Single Sign-On 7.6.2 for use\nwithin the Red Hat OpenShift Container Platform (from the release of 3.11\nup to the release of 4.12.0) cloud computing Platform-as-a-Service (PaaS)\nfor on-premise or private cloud deployments, aligning with the standalone\nproduct release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1047",
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2143416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143416"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1047.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 for OpenShift image security and enhancement update",
"tracking": {
"current_release_date": "2026-01-08T11:39:49+00:00",
"generator": {
"date": "2026-01-08T11:39:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2023:1047",
"initial_release_date": "2023-03-01T21:46:46+00:00",
"revision_history": [
{
"date": "2023-03-01T21:46:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:46:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:39:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x",
"product": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x",
"product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21?arch=s390x\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-20"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"product": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60?arch=ppc64le\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-20"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"product": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"product_id": "rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f?arch=amd64\u0026repository_url=registry.redhat.io/rh-sso-7/sso76-openshift-rhel8\u0026tag=7.6-20"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le"
},
"product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64"
},
"product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
},
"product_reference": "rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"cve": "CVE-2022-3782",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-10-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2138971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: path traversal via double URL encoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason Quarkus is marked with Low impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3782"
},
{
"category": "external",
"summary": "RHBZ#2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3782"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: path traversal via double URL encoding"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"acknowledgments": [
{
"names": [
"Thibault Guittet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2022-4039",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"discovery_date": "2022-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143416"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhsso-container-image: unsecured management interface exposed to adjecent network",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4039"
},
{
"category": "external",
"summary": "RHBZ#2143416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4039"
}
],
"release_date": "2023-02-28T21:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhsso-container-image: unsecured management interface exposed to adjecent network"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:46:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:10450cf7e28d9b1628e95867562763019181a9a980e6e465fe69faf056a1cb60_ppc64le",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:19520720c6ff7acbfb4c8b1bc0d9353c2205bb640405f1d08f70ee14061f190f_amd64",
"8Base-RHOSE-Middleware:rh-sso-7/sso76-openshift-rhel8@sha256:77e19865fa9031305daa8c9872eb273c6442748a9cd3d6628309721fbf781c21_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
CERTFR-2022-AVI-928
Vulnerability from certfr_avis - Published: 2022-10-19 - Updated: 2022-10-19
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | IBM QRadar Pulse App versions antérieures à 2.2.9 | ||
| IBM | N/A | CP4BA version 22.0.1 sans le correctif de sécurité CP4BA 22.0.1-IF2 | ||
| IBM | Cloud Pak | IBM Robotic Process Automation pour Cloud Pak versions antérieures à 21.0.5 | ||
| IBM | N/A | IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de sécurité CMIS 3.0.6-IF2 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 FP6 | ||
| IBM | N/A | CP4BA version 21.0.3 sans le correctif de sécurité CP4BA 21.0.3-IF12 | ||
| IBM | N/A | Enterprise Content Management System Monitor (ESM) versions 5.5.x antérieures à 5.5.9 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics version 4.1.8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 22.0.1 sans le correctif de s\u00e9curit\u00e9 CP4BA 22.0.1-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Robotic Process Automation pour Cloud Pak versions ant\u00e9rieures \u00e0 21.0.5",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de s\u00e9curit\u00e9 CMIS 3.0.6-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 FP6",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 21.0.3 sans le correctif de s\u00e9curit\u00e9 CP4BA 21.0.3-IF12",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Enterprise Content Management System Monitor (ESM) versions 5.5.x ant\u00e9rieures \u00e0 5.5.9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics version 4.1.8",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-34538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34538"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2018-20852",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20852"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2020-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4051"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2022-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34339"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20406",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20406"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2019-16935",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16935"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24758"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2022-10-19T00:00:00",
"last_revision_date": "2022-10-19T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-928",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830211 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830211"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830243 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830243"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6828527 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6828527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830257 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830257"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830265 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830265"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2023-AVI-0357
Vulnerability from certfr_avis - Published: 2023-05-05 - Updated: 2023-05-05
De multiples vulnérabilités ont été découvertes dans IBM Cognos. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cognos Command Center version 10.2.4.1 sans le correctif de s\u00e9curit\u00e9 IF17",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27223"
},
{
"name": "CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-420004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-420004"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2017-7658",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7658"
},
{
"name": "CVE-2022-2047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2047"
},
{
"name": "CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"name": "CVE-2018-12545",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12545"
},
{
"name": "CVE-2022-21449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21449"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2017-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7657"
},
{
"name": "CVE-2018-12536",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12536"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2022-2191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2191"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2022-38707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38707"
},
{
"name": "CVE-2019-10241",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10241"
},
{
"name": "CVE-2019-10247",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10247"
},
{
"name": "CVE-2017-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7656"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-05-05T00:00:00",
"last_revision_date": "2023-05-05T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0357",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Cognos.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Cognos",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6988263 du 04 mai 2023",
"url": "https://www.ibm.com/support/pages/node/6988263"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6983274 du 04 mai 2023",
"url": "https://www.ibm.com/support/pages/node/6983274"
}
]
}
CERTFR-2020-AVI-219
Vulnerability from certfr_avis - Published: 2020-04-15 - Updated: 2020-04-15
De multiples vulnérabilités ont été découvertes dans Oracle Systems. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sun ZFS Storage Appliance Kit version 8.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "StorageTek Tape Analytics SW Tool version 2.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris versions 10 et 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-1165",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1165"
},
{
"name": "CVE-2020-2749",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2749"
},
{
"name": "CVE-2020-2851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2851"
},
{
"name": "CVE-2019-2729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2729"
},
{
"name": "CVE-2020-2927",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2927"
},
{
"name": "CVE-2020-2771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2771"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-2944",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2944"
}
],
"initial_release_date": "2020-04-15T00:00:00",
"last_revision_date": "2020-04-15T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-219",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-04-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2020 du 14 avril 2020",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2020verbose du 14 avril 2020",
"url": "https://www.oracle.com/security-alerts/cpuapr2020verbose.html#SUNS"
}
]
}
CERTFR-2023-AVI-0190
Vulnerability from certfr_avis - Published: 2023-03-03 - Updated: 2023-03-03
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.5.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-03-03T00:00:00",
"last_revision_date": "2023-03-03T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0190",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-09 du 02 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-09"
}
]
}
CERTFR-2024-AVI-0459
Vulnerability from certfr_avis - Published: 2024-05-31 - Updated: 2024-05-31
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | N/A | IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions postérieures à 3.5 et antérieures à 4.8.5 | ||
| IBM | N/A | DevOps Code ClearCase versions 11.0.x sans le dernier correctif de sécurité | ||
| IBM | N/A | Rational ClearCase versions 9.1.x et 10.0.0.x sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions post\u00e9rieures \u00e0 3.5 et ant\u00e9rieures \u00e0 4.8.5",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DevOps Code ClearCase versions 11.0.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Rational ClearCase versions 9.1.x et 10.0.0.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2023-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
},
{
"name": "CVE-2024-25030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25030"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2023-52296",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52296"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2024-25046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25046"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-1996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1996"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2018-1313",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1313"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2024-27254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27254"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2015-1832",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1832"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2024-22190",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-22360",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22360"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2023-38729",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38729"
},
{
"name": "CVE-2024-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21626"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2024-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2023-261257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-261257"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2023-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2024-0690",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0690"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2012-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2677"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2024-05-31T00:00:00",
"last_revision_date": "2024-05-31T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0459",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-31T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7155114",
"url": "https://www.ibm.com/support/pages/node/7155114"
},
{
"published_at": "2024-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7155078",
"url": "https://www.ibm.com/support/pages/node/7155078"
}
]
}
CERTFR-2020-AVI-454
Vulnerability from certfr_avis - Published: 2020-07-20 - Updated: 2020-07-20
De multiples vulnérabilités ont été découvertes dans Moodle. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Moodle versions 3.8.x ant\u00e9rieures \u00e0 3.8.4",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
},
{
"description": "Moodle versions 3.7.x ant\u00e9rieures \u00e0 3.7.7",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
},
{
"description": "Moodle versions 3.9.x ant\u00e9rieures \u00e0 3.9.1",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
},
{
"description": "Moodle versions ant\u00e9rieures \u00e0 3.5.13",
"product": {
"name": "Moodle",
"vendor": {
"name": "Moodle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-14322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14322"
},
{
"name": "CVE-2020-14320",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14320"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-14321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14321"
}
],
"initial_release_date": "2020-07-20T00:00:00",
"last_revision_date": "2020-07-20T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-454",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moodle. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et\nune \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Moodle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-20-008 du 20 juillet 2020",
"url": "https://moodle.org/mod/forum/discuss.php?d=407392"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-20-009 du 20 juillet 2020",
"url": "https://moodle.org/mod/forum/discuss.php?d=407393"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-20-007 du 20 juillet 2020",
"url": "https://moodle.org/mod/forum/discuss.php?d=407391"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Moodle MSA-20-010 du 20 juillet 2020",
"url": "https://moodle.org/mod/forum/discuss.php?d=407394"
}
]
}
CERTFR-2023-AVI-0537
Vulnerability from certfr_avis - Published: 2023-07-13 - Updated: 2023-07-13
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos Space | Juniper Networks Junos Space versions antérieures à 23.1R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S6-EVO, 20.4R3-S7-EVO, 21.2R3-S5-EVO, 21.3R3-S1-EVO, 21.3R3-S4-EVO, 21.4R3-EVO, 21.4R3-S2-EVO, 21.4R3-S3-EVO, 21.4R3-S4-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.1R3-S3-EVO, 22.2R2-EVO, 22.2R2-S1-EVO, 22.2R3-S2-EVO*, 22.2R3-EVO et 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.4R1-EVO, 22.4R1-S2-EVO, 22.4R2-EVO, 23.1R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS gamme QFX10000 versions antérieures à 20.4R3-S5, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S1, 22.1R3, 22.2R2, 22.3R1-S2, 22.3R2 et 22.4R1 | ||
| Juniper Networks | Junos OS | Junos OS gamme SRX versions antérieures à 20.2R3-S7, 20.4R3-S6, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R3, 22.3R2, 22.3R2-S1, 22.3R3, 22.4R1-S1, 22.4R1-S2, 22.4R2 et 23.1R1 | ||
| Juniper Networks | Junos OS | Junos OS gamme MX versions antérieures à 19.1R3-S10, 19.2R3-S7, 19.3R3-S8, 19.4R3-S12, 20.2R3-S8, 20.4R3-S7, 21.1R3-S5, 21.2R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 21.4R3-S4, 22.1R3-S2, 22.1R3-S3, 22.2R3-S1, 22.3R3, 22.3R2-S1, 22.4R1-S2, 22.4R2 et 23.1R1 | ||
| Juniper Networks | N/A | Juniper Networks gammes SRX et MX versions antérieures à SigPack 3598 | ||
| Juniper Networks | Junos OS | Junos OS gammes SRX 4600 et SRX 5000 versions antérieures à 20.2R3-S7, 20.4R3-S7, 21.1R3-S5, 21.2R3-S3, 21.3R3-S3, 21.4R3-S1, 22.1R3, 22.2R2, 22.3R1-S1, 22.3R2 et 22.4R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 19.1R3-S10, 19.2R3-S7, 19.3R3-S7, 19.3R3-S8, 19.4R3-S9, 19.4R3-S10, 19.4R3-S11, 20.2R3-S7, 20.3R3-S5, 20.3R3-S6, 20.4R3-S6, 20.4R3-S7, 21.1R3-S4, 21.2R3-S2, 21.3R3-S1, 21.4R3, 22.1R1-S2, 22.1R2, 22.2R2, 20.2R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.2R3-S5, 21.3R3-S2, 21.3R3-S4, 21.4R3, 21.4R3-S4, 22.1R3, 22.2R2, 22.2R3, 22.3R1, 22.3R2, 22.4R1 et 23.2R1 | ||
| Juniper Networks | N/A | Juniper Networks Contrail Cloud versions antérieures à 16.3.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Networks Junos Space versions ant\u00e9rieures \u00e0 23.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S6-EVO, 20.4R3-S7-EVO, 21.2R3-S5-EVO, 21.3R3-S1-EVO, 21.3R3-S4-EVO, 21.4R3-EVO, 21.4R3-S2-EVO, 21.4R3-S3-EVO, 21.4R3-S4-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.1R3-S3-EVO, 22.2R2-EVO, 22.2R2-S1-EVO, 22.2R3-S2-EVO*, 22.2R3-EVO et 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.4R1-EVO, 22.4R1-S2-EVO, 22.4R2-EVO, 23.1R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS gamme QFX10000 versions ant\u00e9rieures \u00e0 20.4R3-S5, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S1, 22.1R3, 22.2R2, 22.3R1-S2, 22.3R2 et 22.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS gamme SRX versions ant\u00e9rieures \u00e0 20.2R3-S7, 20.4R3-S6, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R3, 22.3R2, 22.3R2-S1, 22.3R3, 22.4R1-S1, 22.4R1-S2, 22.4R2 et 23.1R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS gamme MX versions ant\u00e9rieures \u00e0 19.1R3-S10, 19.2R3-S7, 19.3R3-S8, 19.4R3-S12, 20.2R3-S8, 20.4R3-S7, 21.1R3-S5, 21.2R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 21.4R3-S4, 22.1R3-S2, 22.1R3-S3, 22.2R3-S1, 22.3R3, 22.3R2-S1, 22.4R1-S2, 22.4R2 et 23.1R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks gammes SRX et MX versions ant\u00e9rieures \u00e0 SigPack 3598",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS gammes SRX 4600 et SRX 5000 versions ant\u00e9rieures \u00e0 20.2R3-S7, 20.4R3-S7, 21.1R3-S5, 21.2R3-S3, 21.3R3-S3, 21.4R3-S1, 22.1R3, 22.2R2, 22.3R1-S1, 22.3R2 et 22.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 19.1R3-S10, 19.2R3-S7, 19.3R3-S7, 19.3R3-S8, 19.4R3-S9, 19.4R3-S10, 19.4R3-S11, 20.2R3-S7, 20.3R3-S5, 20.3R3-S6, 20.4R3-S6, 20.4R3-S7, 21.1R3-S4, 21.2R3-S2, 21.3R3-S1, 21.4R3, 22.1R1-S2, 22.1R2, 22.2R2, 20.2R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.2R3-S5, 21.3R3-S2, 21.3R3-S4, 21.4R3, 21.4R3-S4, 22.1R3, 22.2R2, 22.2R3, 22.3R1, 22.3R2, 22.4R1 et 23.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Cloud versions ant\u00e9rieures \u00e0 16.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-40085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40085"
},
{
"name": "CVE-2022-41974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41974"
},
{
"name": "CVE-2023-36831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36831"
},
{
"name": "CVE-2023-36848",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36848"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2023-36850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36850"
},
{
"name": "CVE-2023-36833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36833"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-30123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30123"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-31626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31626"
},
{
"name": "CVE-2020-7071",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7071"
},
{
"name": "CVE-2021-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21704"
},
{
"name": "CVE-2023-36849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36849"
},
{
"name": "CVE-2021-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21705"
},
{
"name": "CVE-2022-31625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31625"
},
{
"name": "CVE-2020-13946",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13946"
},
{
"name": "CVE-2021-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21707"
},
{
"name": "CVE-2023-36832",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36832"
},
{
"name": "CVE-2022-31629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31629"
},
{
"name": "CVE-2023-36836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36836"
},
{
"name": "CVE-2017-7653",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7653"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2022-31627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31627"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2022-31628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31628"
},
{
"name": "CVE-2023-36834",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36834"
},
{
"name": "CVE-2017-7654",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7654"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2023-36840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36840"
},
{
"name": "CVE-2021-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21708"
},
{
"name": "CVE-2021-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21703"
},
{
"name": "CVE-2020-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13817"
},
{
"name": "CVE-2020-11868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11868"
},
{
"name": "CVE-2022-3276",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3276"
},
{
"name": "CVE-2017-7655",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7655"
},
{
"name": "CVE-2021-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21702"
},
{
"name": "CVE-2023-28985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28985"
},
{
"name": "CVE-2023-36838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36838"
},
{
"name": "CVE-2023-36835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36835"
}
],
"initial_release_date": "2023-07-13T00:00:00",
"last_revision_date": "2023-07-13T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0537",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71636 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-SRX-Series-jbuf-memory-leak-when-SSL-Proxy-and-UTM-Web-Filtering-is-applied-CVE-2023-36831?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71639 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-MX-Series-PFE-crash-upon-receipt-of-specific-packet-destined-to-an-AMS-interface-CVE-2023-36832?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71661 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-MX-Series-An-MPC-will-crash-upon-receipt-of-a-malformed-CFM-packet-CVE-2023-36850?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71659 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-The-FPC-will-crash-on-receiving-a-malformed-CFM-packet-CVE-2023-36848?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71647 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-occurs-when-a-specific-L2VPN-command-is-run-CVE-2023-36840?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71642 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-QFX10000-Series-All-traffic-will-be-dropped-after-a-specific-valid-IP-packet-has-been-received-which-needs-to-be-routed-over-a-VXLAN-tunnel-CVE-2023-36835?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71660 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-l2cpd-will-crash-when-a-malformed-LLDP-packet-is-received-CVE-2023-36849?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71662 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-SRX-Series-and-MX-Series-An-FPC-core-is-observed-when-IDP-is-enabled-on-the-device-and-a-specific-malformed-SSL-packet-is-received-CVE-2023-28985?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71651 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-Evolved-Multiple-NTP-vulnerabilities-resolved?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71643 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-MoFRR-scenario-an-rpd-core-may-be-observed-when-a-low-privileged-CLI-command-is-executed-CVE-2023-36836?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71641 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-SRX-4600-and-SRX-5000-Series-The-receipt-of-specific-genuine-packets-by-SRXes-configured-for-L2-transparency-will-cause-a-DoS-CVE-2023-36834?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71645 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-SRX-Series-A-flowd-core-occurs-when-running-a-low-privileged-CLI-command-CVE-2023-36838?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71653 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-J-Web-Multiple-Vulnerabilities-in-PHP-software?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71650 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Contrail-Cloud-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Cloud-release-16-3-0?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71655 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-have-been-resolved-in-MQTT?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71640 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-Evolved-PTX10001-36MR-and-PTX10004-PTX10008-PTX10016-with-LC1201-1202-The-aftman-bt-process-will-crash-in-a-MoFRR-scenario-CVE-2023-36833?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA71656 du 12 juillet 2023",
"url": "https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-23-1R1-release?language=en_US"
}
]
}
CERTFR-2022-AVI-924
Vulnerability from certfr_avis - Published: 2022-10-18 - Updated: 2022-10-18
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.31.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2022-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0155"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-23346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23346"
},
{
"name": "CVE-2021-23566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23566"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2022-10-18T00:00:00",
"last_revision_date": "2022-10-18T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-924",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6827633 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6827633"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2024-AVI-0737
Vulnerability from certfr_avis - Published: 2024-09-04 - Updated: 2024-09-04
De multiples vulnérabilités ont été découvertes dans Moxa OnCell 3120-LTE-1 Series. Elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Moxa | OnCell 3120-LTE-1 Series | OnCell 3120-LTE-1 Series sans les derniers correctifs de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OnCell 3120-LTE-1 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "OnCell 3120-LTE-1 Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2024-09-04T00:00:00",
"last_revision_date": "2024-09-04T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0737",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moxa OnCell 3120-LTE-1 Series. Elles permettent \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Moxa OnCell 3120-LTE-1 Series",
"vendor_advisories": [
{
"published_at": "2024-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 Moxa JSA",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-244707-oncell-3120-lte-1-series-multiple-jquery-vulnerabilities"
}
]
}
CERTFR-2023-AVI-0250
Vulnerability from certfr_avis - Published: 2023-03-22 - Updated: 2023-03-22
De multiples vulnérabilités ont été corrigées dans les produits IBM. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une élévation de privilèges et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5.0 UPx antérieures à 7.5.0 UP5 | ||
| IBM | WebSphere | IBM WebSphere Extreme Scale versions 8.6.1.x antérieures à 8.6.1.5 incluant le correctif de sécurité PH53340 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 9.0.x antérieures à 9.0.5.14 incluant le correctif de sécurité PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.4.3 FPx antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions 7.5.0 UPx ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Extreme Scale versions 8.6.1.x ant\u00e9rieures \u00e0 8.6.1.5 incluant le correctif de s\u00e9curit\u00e9 PH53340",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 9.0.x ant\u00e9rieures \u00e0 9.0.5.14 incluant le correctif de s\u00e9curit\u00e9 PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.4.3 FPx ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-43863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43863"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-03-22T00:00:00",
"last_revision_date": "2023-03-22T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0250",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9, une injection de code\nindirecte \u00e0 distance (XSS), une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte\n\u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964836 du 21 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964836"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964844 du 21 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964844"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964862 du 21 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964862"
}
]
}
CERTFR-2020-AVI-681
Vulnerability from certfr_avis - Published: 2020-10-27 - Updated: 2020-10-27
De multiples vulnérabilités ont été découvertes dans les produits Pulse Secure. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Pulse Secure | N/A | Pulse Secure Desktop Client (PDC) versions antérieures à 9.1R9 | ||
| Pulse Secure | N/A | Pulse Policy Secure (PPS) versions antérieures à 9.1R9 | ||
| Pulse Secure | N/A | Pulse Connect Secure (PCS) versions antérieures à 9.1R9 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Pulse Secure Desktop Client (PDC) versions ant\u00e9rieures \u00e0 9.1R9",
"product": {
"name": "N/A",
"vendor": {
"name": "Pulse Secure",
"scada": false
}
}
},
{
"description": "Pulse Policy Secure (PPS) versions ant\u00e9rieures \u00e0 9.1R9",
"product": {
"name": "N/A",
"vendor": {
"name": "Pulse Secure",
"scada": false
}
}
},
{
"description": "Pulse Connect Secure (PCS) versions ant\u00e9rieures \u00e0 9.1R9",
"product": {
"name": "N/A",
"vendor": {
"name": "Pulse Secure",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-8255",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8255"
},
{
"name": "CVE-2020-8248",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8248"
},
{
"name": "CVE-2020-8239",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8239"
},
{
"name": "CVE-2020-13162",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13162"
},
{
"name": "CVE-2020-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8262"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-8254",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8254"
},
{
"name": "CVE-2020-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8261"
},
{
"name": "CVE-2020-8249",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8249"
},
{
"name": "CVE-2020-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8956"
},
{
"name": "CVE-2020-15352",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15352"
},
{
"name": "CVE-2020-8240",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8240"
},
{
"name": "CVE-2020-8263",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8263"
},
{
"name": "CVE-2020-8250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8250"
},
{
"name": "CVE-2020-8260",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8260"
},
{
"name": "CVE-2020-8241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8241"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
}
],
"initial_release_date": "2020-10-27T00:00:00",
"last_revision_date": "2020-10-27T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-681",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-10-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Pulse\nSecure. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Pulse Secure",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Pulse Secure SA44601 du 08 octobre 2020",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601/?kA23Z000000boS0"
}
]
}
CERTFR-2024-AVI-0741
Vulnerability from certfr_avis - Published: 2024-09-05 - Updated: 2024-10-15
De multiples vulnérabilités ont été découvertes dans les produits Juniper Secure Analytics. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Secure Analytics | Juniper Secure Analytics versions antérieures à 7.5.0 UP9 IF02 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP9 IF02",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2024-42472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42472"
},
{
"name": "CVE-2024-26934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2023-52675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
},
{
"name": "CVE-2023-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4692"
},
{
"name": "CVE-2024-27059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27059"
},
{
"name": "CVE-2024-26656",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26656"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-26974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26974"
},
{
"name": "CVE-2024-26897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
},
{
"name": "CVE-2021-47055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47055"
},
{
"name": "CVE-2020-36777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36777"
},
{
"name": "CVE-2023-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43788"
},
{
"name": "CVE-2024-27052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-26585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
},
{
"name": "CVE-2024-25744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
},
{
"name": "CVE-2024-26973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2024-27397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27397"
},
{
"name": "CVE-2024-35854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35854"
},
{
"name": "CVE-2023-52878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52878"
},
{
"name": "CVE-2021-47185",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47185"
},
{
"name": "CVE-2024-23650",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23650"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2024-26964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
},
{
"name": "CVE-2024-5564",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5564"
},
{
"name": "CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"name": "CVE-2024-26993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26993"
},
{
"name": "CVE-2019-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"name": "CVE-2024-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3933"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-52669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52669"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2022-3287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3287"
},
{
"name": "CVE-2024-36004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
},
{
"name": "CVE-2024-26859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26859"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-35959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
},
{
"name": "CVE-2018-20060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20060"
},
{
"name": "CVE-2024-35855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35855"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2024-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3652"
},
{
"name": "CVE-2024-26615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
},
{
"name": "CVE-2023-45802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45802"
},
{
"name": "CVE-2024-26801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
},
{
"name": "CVE-2024-36007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36007"
},
{
"name": "CVE-2021-47311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47311"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2024-26643",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
},
{
"name": "CVE-2024-26779",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
},
{
"name": "CVE-2024-32021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32021"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2024-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
},
{
"name": "CVE-2024-35852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
},
{
"name": "CVE-2024-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2024-27048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27048"
},
{
"name": "CVE-2021-47013",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47013"
},
{
"name": "CVE-2023-52781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
},
{
"name": "CVE-2024-35845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
},
{
"name": "CVE-2021-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-47073",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47073"
},
{
"name": "CVE-2024-26804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26804"
},
{
"name": "CVE-2024-26593",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
},
{
"name": "CVE-2022-48627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48627"
},
{
"name": "CVE-2021-47171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47171"
},
{
"name": "CVE-2024-26743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
},
{
"name": "CVE-2023-52686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
},
{
"name": "CVE-2021-47236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47236"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-6240",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6240"
},
{
"name": "CVE-2024-32004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32004"
},
{
"name": "CVE-2021-47118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47118"
},
{
"name": "CVE-2024-35890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35890"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-52877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-32020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32020"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2024-32487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32487"
},
{
"name": "CVE-2024-26826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
},
{
"name": "CVE-2024-27056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27056"
},
{
"name": "CVE-2024-26583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
},
{
"name": "CVE-2024-26642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
},
{
"name": "CVE-2021-47153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47153"
},
{
"name": "CVE-2024-35888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35888"
},
{
"name": "CVE-2023-52700",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52700"
},
{
"name": "CVE-2023-31122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31122"
},
{
"name": "CVE-2023-52439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
},
{
"name": "CVE-2021-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
},
{
"name": "CVE-2024-26675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
},
{
"name": "CVE-2019-14865",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14865"
},
{
"name": "CVE-2024-26906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26906"
},
{
"name": "CVE-2024-26610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
},
{
"name": "CVE-2024-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2357"
},
{
"name": "CVE-2024-26584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-26919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26919"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-3019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3019"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2024-27014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2024-32465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32465"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-43789",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43789"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-26892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
},
{
"name": "CVE-2024-35835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
},
{
"name": "CVE-2024-26735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
},
{
"name": "CVE-2023-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
},
{
"name": "CVE-2023-4693",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4693"
},
{
"name": "CVE-2021-46972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46972"
},
{
"name": "CVE-2023-52578",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52578"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2021-46934",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46934"
},
{
"name": "CVE-2024-1048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1048"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2023-52598",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-26659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
},
{
"name": "CVE-2023-52667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52667"
},
{
"name": "CVE-2024-26933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2023-52703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
},
{
"name": "CVE-2023-52594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
},
{
"name": "CVE-2024-26693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26693"
},
{
"name": "CVE-2023-52595",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2024-26759",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26759"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2024-35838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
},
{
"name": "CVE-2023-52513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
},
{
"name": "CVE-2023-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
},
{
"name": "CVE-2023-52610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52610"
},
{
"name": "CVE-2023-52560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"name": "CVE-2023-52606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
},
{
"name": "CVE-2021-47069",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47069"
},
{
"name": "CVE-2024-35960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35960"
},
{
"name": "CVE-2022-39253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39253"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2024-26872",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26872"
},
{
"name": "CVE-2020-26555",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26555"
},
{
"name": "CVE-2024-26901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2024-35789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
},
{
"name": "CVE-2023-52835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2021-47310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47310"
},
{
"name": "CVE-2023-52626",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52626"
},
{
"name": "CVE-2024-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
},
{
"name": "CVE-2024-26744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2024-35958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35958"
},
{
"name": "CVE-2021-47456",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47456"
},
{
"name": "CVE-2021-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
},
{
"name": "CVE-2024-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32002"
},
{
"name": "CVE-2022-48669",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48669"
},
{
"name": "CVE-2023-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
},
{
"name": "CVE-2023-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
},
{
"name": "CVE-2021-47356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47356"
},
{
"name": "CVE-2024-26694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26694"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-26664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2021-47353",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47353"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2018-25091",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25091"
},
{
"name": "CVE-2023-5090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5090"
},
{
"name": "CVE-2024-27410",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
},
{
"name": "CVE-2021-46909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46909"
},
{
"name": "CVE-2024-35853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35853"
},
{
"name": "CVE-2024-26907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
}
],
"initial_release_date": "2024-09-05T00:00:00",
"last_revision_date": "2024-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0741",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-05T00:00:00.000000"
},
{
"description": "Ajout r\u00e9f\u00e9rence \u00e9diteur",
"revision_date": "2024-09-06T00:00:00.000000"
},
{
"description": "Correction d\u0027identifiants CVE erron\u00e9s",
"revision_date": "2024-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Secure Analytics. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
"vendor_advisories": [
{
"published_at": "2024-09-30",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA86686",
"url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP9-IF02"
}
]
}
CERTFR-2024-AVI-0579
Vulnerability from certfr_avis - Published: 2024-07-12 - Updated: 2024-07-12
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Spectrum | Spectrum Control versions antérieures à 5.4.12 | ||
| IBM | WebSphere | WebSphere Application Server versions 8.5.x antérieures à 8.5.5.25 sans le correctif de sécurité PH61489 | ||
| IBM | WebSphere | WebSphere Application Server versions 9.0.x antérieures à 9.0.5.20 sans le correctif de sécurité PH61489 | ||
| IBM | QRadar | QRadar Deployment Intelligence App versions antérieures à 3.0.14 | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP9 | ||
| IBM | Cloud Pak | Cloud Pak for Security versions antérieures à 1.10.23.0 | ||
| IBM | AIX | AIX versions 7.2 et 7.3 sans le correctif de sécurité 9211224a.240708.epkg.Z | ||
| IBM | QRadar | QRadar Suite Software versions antérieures à 1.10.23.0 | ||
| IBM | QRadar | Security QRadar EDR versions antérieures à 3.12.9 | ||
| IBM | VIOS | VIOS versions 3.1 et 4.1 sans le correctif de sécurité 9211224a.240708.epkg.Z | ||
| IBM | QRadar | QRadar WinCollect Agent versions antérieures à 10.1.11 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spectrum Control versions ant\u00e9rieures \u00e0 5.4.12",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.5.25 sans le correctif de s\u00e9curit\u00e9 PH61489",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.0.x ant\u00e9rieures \u00e0 9.0.5.20 sans le correctif de s\u00e9curit\u00e9 PH61489",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions ant\u00e9rieures \u00e0 1.10.23.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.2 et 7.3 sans le correctif de s\u00e9curit\u00e9 9211224a.240708.epkg.Z",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions ant\u00e9rieures \u00e0 1.10.23.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Security QRadar EDR versions ant\u00e9rieures \u00e0 3.12.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS versions 3.1 et 4.1 sans le correctif de s\u00e9curit\u00e9 9211224a.240708.epkg.Z",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar WinCollect Agent versions ant\u00e9rieures \u00e0 10.1.11",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2024-35154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35154"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2024-22353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22353"
},
{
"name": "CVE-2024-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3772"
},
{
"name": "CVE-2023-50312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50312"
},
{
"name": "CVE-2024-2466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2466"
},
{
"name": "CVE-2024-28102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28102"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2024-34997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34997"
},
{
"name": "CVE-2022-3287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3287"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2023-45802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45802"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2024-25026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
},
{
"name": "CVE-2024-34062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34062"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2024-2379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2379"
},
{
"name": "CVE-2024-22329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22329"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-31122",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31122"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-3019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3019"
},
{
"name": "CVE-2024-5206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5206"
},
{
"name": "CVE-2024-27088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27088"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-27270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27270"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-6387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
},
{
"name": "CVE-2024-25023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25023"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2021-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2024-07-12T00:00:00",
"last_revision_date": "2024-07-12T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0579",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-07-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159768",
"url": "https://www.ibm.com/support/pages/node/7159768"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160017",
"url": "https://www.ibm.com/support/pages/node/7160017"
},
{
"published_at": "2024-07-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159781",
"url": "https://www.ibm.com/support/pages/node/7159781"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160014",
"url": "https://www.ibm.com/support/pages/node/7160014"
},
{
"published_at": "2024-07-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160134",
"url": "https://www.ibm.com/support/pages/node/7160134"
},
{
"published_at": "2024-07-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159771",
"url": "https://www.ibm.com/support/pages/node/7159771"
},
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159867",
"url": "https://www.ibm.com/support/pages/node/7159867"
},
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159865",
"url": "https://www.ibm.com/support/pages/node/7159865"
},
{
"published_at": "2024-07-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159527",
"url": "https://www.ibm.com/support/pages/node/7159527"
},
{
"published_at": "2024-07-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159825",
"url": "https://www.ibm.com/support/pages/node/7159825"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159934",
"url": "https://www.ibm.com/support/pages/node/7159934"
},
{
"published_at": "2024-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159920",
"url": "https://www.ibm.com/support/pages/node/7159920"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160013",
"url": "https://www.ibm.com/support/pages/node/7160013"
}
]
}
CERTFR-2024-AVI-1103
Vulnerability from certfr_avis - Published: 2024-12-20 - Updated: 2024-12-20
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01 | ||
| IBM | QRadar SIEM | Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2023-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
},
{
"name": "CVE-2023-37536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2024-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2018-15209",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2018-17100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-34266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
},
{
"name": "CVE-2020-35521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2019-6128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2024-45082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-4759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
},
{
"name": "CVE-2017-11613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2024-41752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
},
{
"name": "CVE-2023-50447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
},
{
"name": "CVE-2018-18508",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2014-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
},
{
"name": "CVE-2023-4421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2020-25648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-17007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2023-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2015-7182",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2018-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2020-19144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2017-12627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
},
{
"name": "CVE-2018-17101",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2020-26261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
},
{
"name": "CVE-2023-24816",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2019-17546",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2020-15110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
},
{
"name": "CVE-2023-25435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2017-18869",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2022-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
},
{
"name": "CVE-2018-7456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
},
{
"name": "CVE-2023-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2017-18013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2016-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
},
{
"name": "CVE-2017-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2024-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-12404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
},
{
"name": "CVE-2019-14973",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
},
{
"name": "CVE-2020-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2020-19131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
},
{
"name": "CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2018-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
},
{
"name": "CVE-2018-17000",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2020-35523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2024-34102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2021-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2024-4367",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
},
{
"name": "CVE-2024-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2023-25434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
},
{
"name": "CVE-2024-29896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
},
{
"name": "CVE-2015-7181",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
},
{
"name": "CVE-2020-18768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2017-5461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
},
{
"name": "CVE-2014-1569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2017-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2017-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2018-19210",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
},
{
"name": "CVE-2013-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-10255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-35524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-35522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2017-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
}
],
"initial_release_date": "2024-12-20T00:00:00",
"last_revision_date": "2024-12-20T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1103",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
"url": "https://www.ibm.com/support/pages/node/7177142"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
"url": "https://www.ibm.com/support/pages/node/7177223"
},
{
"published_at": "2024-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
"url": "https://www.ibm.com/support/pages/node/7179044"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
"url": "https://www.ibm.com/support/pages/node/7179156"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
"url": "https://www.ibm.com/support/pages/node/7179166"
},
{
"published_at": "2024-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
"url": "https://www.ibm.com/support/pages/node/7178835"
}
]
}
CERTFR-2020-AVI-037
Vulnerability from certfr_avis - Published: 2020-01-15 - Updated: 2020-01-15
De multiples vulnérabilités ont été découvertes dans Oracle Systems. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle VM Server for SPARC version 3.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Tape Library ACSLS, versions 8.5 et 8.5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Sun ZFS Storage Appliance Kit version 8.8.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris versions 10 et 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-2578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2578"
},
{
"name": "CVE-2019-2729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2729"
},
{
"name": "CVE-2020-2696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2696"
},
{
"name": "CVE-2020-2565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2565"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2018-15756",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15756"
},
{
"name": "CVE-2019-2725",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
},
{
"name": "CVE-2020-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2656"
},
{
"name": "CVE-2020-2680",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2680"
},
{
"name": "CVE-2020-2571",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2571"
},
{
"name": "CVE-2020-2647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2647"
},
{
"name": "CVE-2020-2558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2558"
},
{
"name": "CVE-2019-9579",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9579"
},
{
"name": "CVE-2016-1000031",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000031"
},
{
"name": "CVE-2020-2605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2605"
},
{
"name": "CVE-2020-2664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2664"
}
],
"initial_release_date": "2020-01-15T00:00:00",
"last_revision_date": "2020-01-15T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-037",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-01-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2020verbose du 14 janvier 2020",
"url": "https://www.oracle.com/security-alerts/cpujan2020verbose.html#SUNS"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2020 du 14 janvier 2020",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
}
]
}
CERTFR-2023-AVI-0219
Vulnerability from certfr_avis - Published: 2023-03-14 - Updated: 2023-03-14
De multiples vulnérabilités ont été découvertes dans IBM Sterling B2B Integrator. Certaines d'entre elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling B2B Integrator versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.2",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling B2B Integrator versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22978"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"name": "CVE-2022-31692",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31692"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"name": "CVE-2023-22876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22876"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2014-8152",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8152"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-03-14T00:00:00",
"last_revision_date": "2023-03-14T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0219",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Sterling B2B\nIntegrator. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un contournement de la politique de s\u00e9curit\u00e9, une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Sterling B2B Integrator",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963093 du 13 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963093"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963091 du 13 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963091"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963103 du 13 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963103"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963085 du 13 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963085"
}
]
}
CERTFR-2022-AVI-266
Vulnerability from certfr_avis - Published: 2022-03-23 - Updated: 2022-03-23
De multiples vulnérabilités ont été découvertes dans IBM WebSphere Service Registry and Repository. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Service Registry and Repository versions 8.5.x ant\u00e9rieures \u00e0 8.5.6.3",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2017-1000427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000427"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2014-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0114"
},
{
"name": "CVE-2019-14863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14863"
},
{
"name": "CVE-2020-7676",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7676"
},
{
"name": "CVE-2017-18640",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18640"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2016-10531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10531"
},
{
"name": "CVE-2019-10086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10086"
},
{
"name": "CVE-2015-8854",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8854"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2022-03-23T00:00:00",
"last_revision_date": "2022-03-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-266",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM WebSphere\nService Registry and Repository. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM WebSphere Service Registry and Repository",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6565389 du 22 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6565389"
}
]
}
CERTFR-2020-AVI-203
Vulnerability from certfr_avis - Published: 2020-04-14 - Updated: 2020-04-14
De multiples vulnérabilités ont été découvertes dans Tenable.sc. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.14.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-5737",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5737"
}
],
"initial_release_date": "2020-04-14T00:00:00",
"last_revision_date": "2020-04-14T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-203",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable.sc. Elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et une injection\nde code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable.sc",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2020-02 du 13 avril 2020",
"url": "https://www.tenable.com/security/tns-2020-02"
}
]
}
CERTFR-2023-AVI-0907
Vulnerability from certfr_avis - Published: 2023-11-03 - Updated: 2023-11-03
De multiples vulnérabilités ont été découvertes dans Moxa PT-G503. Certaines d'entre elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "s\u00e9ries PT-G503 versions ant\u00e9rieures \u00e0 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-5035",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5035"
},
{
"name": "CVE-2005-4900",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-4900"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2023-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4217"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-11-03T00:00:00",
"last_revision_date": "2023-11-03T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0907",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Moxa PT-G503.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\ncontournement de la politique de s\u00e9curit\u00e9, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Moxa PT-G503",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Moxa MPSA-230203 du 02 novembre 2023",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities"
}
]
}
CERTFR-2020-AVI-495
Vulnerability from certfr_avis - Published: 2020-08-11 - Updated: 2020-08-11
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | N/A | SAPUI5 (UI_700) version 200 | ||
| SAP | N/A | SAP Business Objects Business Intelligence Platform (Central Management Console) versions 4.2 et 4.3 | ||
| SAP | N/A | SAPUI5 (SAP_UI) versions 750, 751, 752, 753, 754 et 755 | ||
| SAP | N/A | SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40 et 7.50 | ||
| SAP | N/A | SAP Banking Services (Generic Market Data) versions 400, 450 et 500 | ||
| SAP | N/A | SAP S/4 HANA (Fiori UI for General Ledger Accounting) versions 103 et 104 | ||
| SAP | N/A | SAP Adaptive Server Enterprise version 16.0 | ||
| SAP | N/A | SAP Data Intelligence version 3 | ||
| SAP | N/A | SAPUI5 (UISAPUI5_JAVA) version 7.50 | ||
| SAP | N/A | SAP NetWeaver (ABAP Server) et ABAP Platform versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755 | ||
| SAP | N/A | SAP ERP (HCM Travel Management) versions 600, 602, 603, 604, 605, 606, 607 et 608 | ||
| SAP | N/A | SAP Commerce versions 6.7, 1808, 1811, 1905 et 2005 | ||
| SAP | SAP NetWeaver AS Java | SAP NetWeaver AS JAVA versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAPUI5 (UI_700) version 200",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Objects Business Intelligence Platform (Central Management Console) versions 4.2 et 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPUI5 (SAP_UI) versions 750, 751, 752, 753, 754 et 755",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40 et 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Banking Services (Generic Market Data) versions 400, 450 et 500",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP S/4 HANA (Fiori UI for General Ledger Accounting) versions 103 et 104",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Adaptive Server Enterprise version 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Data Intelligence version 3",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPUI5 (UISAPUI5_JAVA) version 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (ABAP Server) et ABAP Platform versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP ERP (HCM Travel Management) versions 600, 602, 603, 604, 605, 606, 607 et 608",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Commerce versions 6.7, 1808, 1811, 1905 et 2005",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver AS JAVA versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
"product": {
"name": "SAP NetWeaver AS Java",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6293"
},
{
"name": "CVE-2020-6309",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6309"
},
{
"name": "CVE-2020-6298",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6298"
},
{
"name": "CVE-2020-6296",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6296"
},
{
"name": "CVE-2020-6273",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6273"
},
{
"name": "CVE-2020-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6297"
},
{
"name": "CVE-2020-6300",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6300"
},
{
"name": "CVE-2020-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6286"
},
{
"name": "CVE-2020-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6284"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-6299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6299"
},
{
"name": "CVE-2020-6294",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6294"
},
{
"name": "CVE-2020-6287",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6287"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-6310",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6310"
},
{
"name": "CVE-2020-6295",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6295"
},
{
"name": "CVE-2020-9281",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9281"
},
{
"name": "CVE-2020-6301",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6301"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2020-08-11T00:00:00",
"last_revision_date": "2020-08-11T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-495",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-08-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SAP du 11 ao\u00fbt 2020",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345"
}
]
}
CERTFR-2023-AVI-0208
Vulnerability from certfr_avis - Published: 2023-03-10 - Updated: 2023-03-10
De multiples vulnérabilités ont été découvertes dans les produits Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.5.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus Agent versions 10.3.0 ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus Agent versions 8.3.x ant\u00e9rieures \u00e0 8.3.5",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-03-10T00:00:00",
"last_revision_date": "2023-03-10T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0208",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eTenable\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-11 du 07 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-11"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-09 du 02 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-09"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-10 du 06 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-10"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-12 du 09 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-12"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-13 du 09 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-13"
}
]
}
CERTFR-2024-AVI-0508
Vulnerability from certfr_avis - Published: 2024-06-20 - Updated: 2024-06-20
De multiples vulnérabilités ont été découvertes dans les produits Moxa. Elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Moxa | N/A | UC-8100A-ME-T Series versions antérieures à 1.8 | ||
| Moxa | N/A | UC-8580 Series versions antérieures à 2.3 | ||
| Moxa | N/A | UC-5100 Series versions antérieures à 1.6 | ||
| Moxa | N/A | UC-3100 Series versions antérieures à 1.8 | ||
| Moxa | N/A | UC-8540 Series versions antérieures à 2.3 | ||
| Moxa | N/A | UC-8100 Series versions antérieures à 3.7 | ||
| Moxa | N/A | UC-2100 Series versions antérieures à 1.14 | ||
| Moxa | N/A | SDS-3008 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-8100-ME-T Series versions antérieures à 3.3 | ||
| Moxa | N/A | UC-8200 Series versions antérieures à 1.7 | ||
| Moxa | N/A | UC-8410A Series versions antérieures à 4.3.2 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "UC-8100A-ME-T Series versions ant\u00e9rieures \u00e0 1.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8580 Series versions ant\u00e9rieures \u00e0 2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-5100 Series versions ant\u00e9rieures \u00e0 1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-3100 Series versions ant\u00e9rieures \u00e0 1.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8540 Series versions ant\u00e9rieures \u00e0 2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8100 Series versions ant\u00e9rieures \u00e0 3.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-2100 Series versions ant\u00e9rieures \u00e0 1.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "SDS-3008 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8100-ME-T Series versions ant\u00e9rieures \u00e0 3.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8200 Series versions ant\u00e9rieures \u00e0 1.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8410A Series versions ant\u00e9rieures \u00e0 4.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2024-06-20T00:00:00",
"last_revision_date": "2024-06-20T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0508",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Moxa. Elles permettent \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Moxa",
"vendor_advisories": [
{
"published_at": "2024-06-19",
"title": "Bulletin de s\u00e9curit\u00e9 Moxa mpsa-248126",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-248126-sds-3008-series-multiple-vulnerabilities"
},
{
"published_at": "2024-06-20",
"title": "Bulletin de s\u00e9curit\u00e9 Moxa mpsa-247816",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-247816-multiple-uc-series-ipc-ssh-vulnerability"
}
]
}
CERTFR-2019-AVI-649
Vulnerability from certfr_avis - Published: 2019-12-20 - Updated: 2019-12-20
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor (NNM), composant des produits Tenable.io, Industrial Security et Tenable.sc. Certaines d'entre elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Network Monitor | Nessus Network Monitor versions antérieures à 5.11.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus Network Monitor versions ant\u00e9rieures \u00e0 5.11.0",
"product": {
"name": "Nessus Network Monitor",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-2542",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2542"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2019-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1552"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
}
],
"initial_release_date": "2019-12-20T00:00:00",
"last_revision_date": "2019-12-20T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-649",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor (NNM), composant des produits Tenable.io, Industrial\nSecurity et Tenable.sc. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus Network Monitor",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2019-08 du 19 d\u00e9cembre 2019",
"url": "https://fr.tenable.com/security/tns-2019-08"
}
]
}
ICSA-22-097-01
Vulnerability from csaf_cisa - Published: 2022-04-07 00:00 - Updated: 2022-04-07 00:00Summary
Pepperl+Fuchs WirelessHART-Gateway
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may result in a denial-of-service condition, code execution, and code exposure.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordinating these vulnerabilities with Pepperl+Fuchs"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may result in a denial-of-service condition, code execution, and code exposure.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-097-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-097-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-097-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-097-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Pepperl+Fuchs WirelessHART-Gateway",
"tracking": {
"current_release_date": "2022-04-07T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-097-01",
"initial_release_date": "2022-04-07T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-04-07T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-097-01 Pepperl+Fuchs WirelessHART-Gateway"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0.7 | 3.0.8 | 3.0.9",
"product": {
"name": "WHA-GW-F2D2-0-AS- Z2-ETH: Versions 3.0.7 3.0.8 3.0.9",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "WHA-GW-F2D2-0-AS- Z2-ETH"
},
{
"branches": [
{
"category": "product_version",
"name": "3.0.7 | 3.0.8 | 3.0.9",
"product": {
"name": "WHA-GW-F2D2-0-AS- Z2-ETH.EIP: Versions 3.0.7 3.0.8 3.0.9",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "WHA-GW-F2D2-0-AS- Z2-ETH.EIP"
}
],
"category": "vendor",
"name": "Pepperl+Fuchs"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-34565",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "The affected product allows active SSH and telnet services with hard-coded credentials.CVE-2021-34565 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34565"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2016-10707",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "jQuery 3.0.0-rc.1 is vulnerable to a denial-of-service condition due to removing a logic a lowercased attribute names. Any attribute using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.CVE-2016-10707 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10707"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-34561",
"cwe": {
"id": "CWE-350",
"name": "Reliance on Reverse DNS Resolution for a Security-Critical Action"
},
"notes": [
{
"category": "summary",
"text": "If the application is not externally accessible or uses IP-based access restrictions, attackers can use DNS rebinding to bypass any IP or firewall-based access restrictions by proxying through their target\u0027s browser. This vulnerability only affects Versions 3.0.7 through 3.0.8.CVE-2021-34561 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34561"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-33555",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability only affects Version 3.0.7.CVE-2021-33555 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33555"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2014-6071",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "jQuery Version 1.4.2 allows remote attackers to conduct cross-site scripting attacks via vectors related to use of the text method.CVE-2014-6071 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6071"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2012-6708",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "jQuery versions prior to 1.9.0 are vulnerable to cross-site scripting attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the \u0027\u003c\u0027 character anywhere in the string, giving attackers more flexibility when attempting to deliver a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the \u0027\u003c\u0027 character, limiting exploitability only to attackers who can control the beginning of a string.CVE-2012-6708 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6708"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "jQuery versions prior to 3.0.0 are vulnerable to cross-site scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.CVE-2015-9251 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9251"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In jQuery versions between 1.0.3 and 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources (even after sanitizing it) to one of jQuery\u0027s DOM manipulation methods (i.e., .html(), .append(), and others) may execute untrusted code. This vulnerability is patched in jQuery 3.5.0.CVE-2020-11023 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In jQuery versions between 1.2 and 3.5.0, passing HTML from untrusted sources (even after sanitizing it) to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This vulnerability is patched in jQuery 3.5.0.CVE-2020-11022 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11022"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "jQuery versions prior to 3.4.0, as used in specific products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.CVE-2019-11358 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-7656",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "jQuery versions prior to 1.9.0 allow cross-site scripting attacks via the load method. The load method fails to recognize and remove \"\u003cscript\u003e\" HTML tags that contain a whitespace character, \"\u003c/script \u003e\", which results in the enclosed script logic to be executed.CVE-2020-7656 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7656"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-34560",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "The affected product contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user\u0027s computer.CVE-2021-34560 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34560"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-34564",
"cwe": {
"id": "CWE-315",
"name": "Cleartext Storage of Sensitive Information in a Cookie"
},
"notes": [
{
"category": "summary",
"text": "Cookie stealing vulnerabilities within the application or browser allow an attacker to steal the user\u0027s credentials in Version 3.0.9.CVE-2021-34564 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34564"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-34559",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the affected product, Versions 3.0.7 through 3.0.8 have a vulnerability that may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings.CVE-2021-34559 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34559"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-34562",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the affected product, Version 3.0.8, it is possible to inject arbitrary JavaScript into the application\u0027s response.CVE-2021-34562 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34562"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2007-2379",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "The jQuery framework exchanges data using JavaScript object notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"CVE-2007-2379 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2379"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2011-4969",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "jQuery versions prior to 1.6.3 contain a Cross-site scripting (XSS) vulnerability, which when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.CVE-2011-4969 has been assigned to this vulnerability. A CVSS v3 base score of 4.7 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-34563",
"cwe": {
"id": "CWE-1004",
"name": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag"
},
"notes": [
{
"category": "summary",
"text": "In the affected product, Versions 3.0.8 and 3.0.9, the HttpOnly attribute is not set on a cookie, which allows the cookie\u0027s value to be read or set by client-side JavaScript.CVE-2021-34563 has been assigned to this vulnerability. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34563"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2013-0169",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue.CVE-2013-0169 has been assigned to this vulnerability. A CVSS v3 base score of 3.7 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Minimize network exposure for affected products and ensure they are not accessible via the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Isolate affected products from the corporate network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "If remote access is required, use secure methods such as virtual private networks (VPNs).",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "See CERT@VDE\u0027s advisory VDE-2021-027 for more information",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-027/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
MSRC_CVE-2019-11358
Vulnerability from csaf_microsoft - Published: 2019-04-02 00:00 - Updated: 2025-02-11 00:00Summary
jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2019-11358 jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2019/msrc_cve-2019-11358.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype.",
"tracking": {
"current_release_date": "2025-02-11T00:00:00.000Z",
"generator": {
"date": "2025-12-27T22:48:20.707Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2019-11358",
"initial_release_date": "2019-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2024-09-11T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-02-11T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added m2crypto to Azure Linux 3.0\nAdded python-pygments to Azure Linux 3.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "16817"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 m2crypto 0.38.0-4",
"product": {
"name": "\u003cazl3 m2crypto 0.38.0-4",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "azl3 m2crypto 0.38.0-4",
"product": {
"name": "azl3 m2crypto 0.38.0-4",
"product_id": "16992"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 m2crypto 0.38.0-4",
"product": {
"name": "\u003cazl3 m2crypto 0.38.0-4",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "azl3 m2crypto 0.38.0-4",
"product": {
"name": "azl3 m2crypto 0.38.0-4",
"product_id": "16992"
}
}
],
"category": "product_name",
"name": "m2crypto"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 python-pygments 2.7.4-1",
"product": {
"name": "\u003cazl3 python-pygments 2.7.4-1",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "azl3 python-pygments 2.7.4-1",
"product": {
"name": "azl3 python-pygments 2.7.4-1",
"product_id": "16993"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 python-pygments 2.5.2-1",
"product": {
"name": "\u003cazl3 python-pygments 2.5.2-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 python-pygments 2.5.2-1",
"product": {
"name": "azl3 python-pygments 2.5.2-1",
"product_id": "19947"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 python-pygments 2.7.4-1",
"product": {
"name": "\u003cazl3 python-pygments 2.7.4-1",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "azl3 python-pygments 2.7.4-1",
"product": {
"name": "azl3 python-pygments 2.7.4-1",
"product_id": "16993"
}
}
],
"category": "product_name",
"name": "python-pygments"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 orangefs 2.9.7-7",
"product": {
"name": "\u003cazl3 orangefs 2.9.7-7",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "azl3 orangefs 2.9.7-7",
"product": {
"name": "azl3 orangefs 2.9.7-7",
"product_id": "16994"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 orangefs 2.9.7-7",
"product": {
"name": "\u003cazl3 orangefs 2.9.7-7",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "azl3 orangefs 2.9.7-7",
"product": {
"name": "azl3 orangefs 2.9.7-7",
"product_id": "16994"
}
}
],
"category": "product_name",
"name": "orangefs"
},
{
"category": "product_name",
"name": "azl3 orangefs 2.9.8-3",
"product": {
"name": "azl3 orangefs 2.9.8-3",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "cbl2 python-tensorboard 2.11.0-3",
"product": {
"name": "cbl2 python-tensorboard 2.11.0-3",
"product_id": "4"
}
},
{
"category": "product_name",
"name": "cbl2 orangefs 2.9.8-3",
"product": {
"name": "cbl2 orangefs 2.9.8-3",
"product_id": "1"
}
},
{
"category": "product_name",
"name": "azl3 mozjs 102.15.1-1",
"product": {
"name": "azl3 mozjs 102.15.1-1",
"product_id": "6"
}
},
{
"category": "product_name",
"name": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "azl3 python-tensorboard 2.16.2-6",
"product_id": "5"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 m2crypto 0.38.0-4 as a component of Azure Linux 3.0",
"product_id": "17084-11"
},
"product_reference": "11",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 m2crypto 0.38.0-4 as a component of Azure Linux 3.0",
"product_id": "16992-17084"
},
"product_reference": "16992",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-pygments 2.7.4-1 as a component of Azure Linux 3.0",
"product_id": "17084-9"
},
"product_reference": "9",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-pygments 2.7.4-1 as a component of Azure Linux 3.0",
"product_id": "16993-17084"
},
"product_reference": "16993",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 orangefs 2.9.7-7 as a component of Azure Linux 3.0",
"product_id": "17084-7"
},
"product_reference": "7",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 orangefs 2.9.7-7 as a component of Azure Linux 3.0",
"product_id": "16994-17084"
},
"product_reference": "16994",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 orangefs 2.9.8-3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python-tensorboard 2.11.0-3 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 orangefs 2.9.8-3 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-pygments 2.5.2-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-pygments 2.5.2-1 as a component of Azure Linux 3.0",
"product_id": "19947-17084"
},
"product_reference": "19947",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 mozjs 102.15.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-6"
},
"product_reference": "6",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 m2crypto 0.38.0-4 as a component of Azure Linux 3.0",
"product_id": "16817-12"
},
"product_reference": "12",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 m2crypto 0.38.0-4 as a component of Azure Linux 3.0",
"product_id": "16992-16817"
},
"product_reference": "16992",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-pygments 2.7.4-1 as a component of Azure Linux 3.0",
"product_id": "16817-10"
},
"product_reference": "10",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-pygments 2.7.4-1 as a component of Azure Linux 3.0",
"product_id": "16993-16817"
},
"product_reference": "16993",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 orangefs 2.9.7-7 as a component of Azure Linux 3.0",
"product_id": "16817-8"
},
"product_reference": "8",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 orangefs 2.9.7-7 as a component of Azure Linux 3.0",
"product_id": "16994-16817"
},
"product_reference": "16994",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2",
"17086-4",
"17084-6",
"17084-5"
]
},
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17086-1"
]
}
],
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16992-17084",
"16993-17084",
"16994-17084",
"19947-17084",
"16992-16817",
"16993-16817",
"16994-16817"
],
"known_affected": [
"17084-11",
"17084-9",
"17084-7",
"17084-3",
"16817-12",
"16817-10",
"16817-8"
],
"known_not_affected": [
"17084-2",
"17086-4",
"17086-1",
"17084-6",
"17084-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-11358 jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2019/msrc_cve-2019-11358.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-11T00:00:00.000Z",
"details": "0.38.0-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-11",
"16817-12"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-09-11T00:00:00.000Z",
"details": "2.7.4-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-9",
"17084-3",
"16817-10"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-09-11T00:00:00.000Z",
"details": "2.9.7-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-7",
"16817-8"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"17084-11",
"17084-9",
"17084-7",
"17084-3",
"16817-12",
"16817-10",
"16817-8"
]
}
],
"title": "jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype."
}
]
}
GSD-2019-11358
Vulnerability from gsd - Updated: 2019-04-19 00:00Details
jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...) because of
bject.prototype pollution. If an unsanitized source object contained an
enumerable __proto__ property, it could extend the native Object.prototype.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-11358",
"description": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"id": "GSD-2019-11358",
"references": [
"https://www.suse.com/security/cve/CVE-2019-11358.html",
"https://www.debian.org/security/2019/dsa-4460",
"https://www.debian.org/security/2019/dsa-4434",
"https://access.redhat.com/errata/RHSA-2020:5581",
"https://access.redhat.com/errata/RHSA-2020:4847",
"https://access.redhat.com/errata/RHSA-2020:4670",
"https://access.redhat.com/errata/RHSA-2020:4298",
"https://access.redhat.com/errata/RHSA-2020:3936",
"https://access.redhat.com/errata/RHSA-2020:2412",
"https://access.redhat.com/errata/RHSA-2020:1325",
"https://access.redhat.com/errata/RHBA-2020:0402",
"https://access.redhat.com/errata/RHSA-2019:3024",
"https://access.redhat.com/errata/RHSA-2019:3023",
"https://access.redhat.com/errata/RHSA-2019:2587",
"https://access.redhat.com/errata/RHBA-2019:1570",
"https://access.redhat.com/errata/RHSA-2019:1456",
"https://advisories.mageia.org/CVE-2019-11358.html",
"https://security.archlinux.org/CVE-2019-11358",
"https://linux.oracle.com/cve/CVE-2019-11358.html",
"https://access.redhat.com/errata/RHSA-2021:4142",
"https://access.redhat.com/errata/RHSA-2022:7343",
"https://access.redhat.com/errata/RHSA-2023:0552",
"https://access.redhat.com/errata/RHSA-2023:0553",
"https://access.redhat.com/errata/RHSA-2023:0554",
"https://access.redhat.com/errata/RHSA-2023:0556",
"https://access.redhat.com/errata/RHSA-2023:1043",
"https://access.redhat.com/errata/RHSA-2023:1044",
"https://access.redhat.com/errata/RHSA-2023:1045",
"https://access.redhat.com/errata/RHSA-2023:1047",
"https://access.redhat.com/errata/RHSA-2023:1049"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "jquery-rails",
"purl": "pkg:gem/jquery-rails"
}
}
],
"aliases": [
"CVE-2019-11358"
],
"details": "jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...) because of\nbject.prototype pollution. If an unsanitized source object contained an\nenumerable __proto__ property, it could extend the native Object.prototype.\n",
"id": "GSD-2019-11358",
"modified": "2019-04-19T00:00:00.000Z",
"published": "2019-04-19T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/454365"
},
{
"type": "WEB",
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"type": "WEB",
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"type": "WEB",
"url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 4.3,
"type": "CVSS_V2"
},
{
"score": 6.1,
"type": "CVSS_V3"
}
],
"summary": "Prototype pollution attack through jQuery $.extend"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.drupal.org/sa-core-2019-006",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "DSA-4434",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"name": "20190421 [SECURITY] [DSA 4434-1] drupal7 security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"name": "108023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108023"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"name": "FEDORA-2019-eba8e44ee6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"
},
{
"name": "FEDORA-2019-1a3edd7e8a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"
},
{
"name": "FEDORA-2019-7eaf0bbe7c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"
},
{
"name": "FEDORA-2019-2a0ce0c58c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"
},
{
"name": "FEDORA-2019-a06dffab1c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"
},
{
"name": "FEDORA-2019-f563e66380",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"
},
{
"name": "20190509 dotCMS v5.1.1 Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"name": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"name": "20190510 dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"name": "20190510 dotCMS v5.1.1 Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"name": "20190510 Re: dotCMS v5.1.1 HTML Injection \u0026 XSS Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"name": "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"name": "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"name": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"name": "RHSA-2019:1456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "DSA-4460",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"name": "20190612 [SECURITY] [DSA 4460-1] mediawiki security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"name": "openSUSE-SU-2019:1839",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"name": "RHBA-2019:1570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "openSUSE-SU-2019:1872",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"name": "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E"
},
{
"name": "RHSA-2019:2587",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190919-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"name": "RHSA-2019:3023",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2019:3024",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"name": "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-08",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"name": "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"name": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"name": "https://www.tenable.com/security/tns-2020-02",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2020-02"
},
{
"name": "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E"
},
{
"name": "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"name": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "https://www.tenable.com/security/tns-2019-08",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_19",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"name": "https://backdropcms.org/security/backdrop-sa-core-2019-009",
"refsource": "MISC",
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"name": "https://www.drupal.org/sa-core-2019-006",
"refsource": "MISC",
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"name": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"refsource": "MISC",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"name": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"name": "https://github.com/jquery/jquery/pull/4333",
"refsource": "MISC",
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"name": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b",
"refsource": "MISC",
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"name": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/",
"refsource": "MISC",
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190919-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"name": "https://www.tenable.com/security/tns-2020-02",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2020-02"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1",
"refsource": "MISC",
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2019-11358",
"cvss_v2": 4.3,
"cvss_v3": 6.1,
"date": "2019-04-19",
"description": "jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...) because of\nbject.prototype pollution. If an unsanitized source object contained an\nenumerable __proto__ property, it could extend the native Object.prototype.\n",
"framework": "rails",
"gem": "jquery-rails",
"patched_versions": [
"\u003e= 4.3.4"
],
"related": {
"url": [
"https://hackerone.com/reports/454365",
"https://github.com/jquery/jquery/pull/4333",
"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b",
"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"
]
},
"title": "Prototype pollution attack through jQuery $.extend",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c4.3.4",
"affected_versions": "All versions before 4.3.4",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2021-10-01",
"description": "jQuery, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.",
"fixed_versions": [
"4.3.4"
],
"identifier": "CVE-2019-11358",
"identifiers": [
"CVE-2019-11358"
],
"package_slug": "gem/jquery-rails",
"pubdate": "2019-04-20",
"solution": "Upgrade to version 4.3.4 or above",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
],
"uuid": "932446c8-c1d5-43ad-8102-064dd8a3b25c"
},
{
"affected_range": "\u003c6.1.2",
"affected_versions": "All versions before 3.4.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2019-06-12",
"description": "The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`",
"fixed_versions": [
"6.1.2"
],
"identifier": "CVE-2019-11358",
"identifiers": [
"CVE-2019-11358"
],
"not_impacted": "All versions starting from 3.4.0",
"package_slug": "gem/rdoc",
"pubdate": "2019-04-20",
"solution": "Upgrade to version 3.4 or above.",
"title": "Cross-site Scripting",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"http://www.securityfocus.com/bid/108023",
"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"https://seclists.org/bugtraq/2019/Apr/32"
],
"uuid": "31ce5a08-acfe-442f-b450-28410dd9b4d3"
},
{
"affected_range": "\u003c3.4.0",
"affected_versions": "All versions before 3.4.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2022-02-08",
"description": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"fixed_versions": [
"3.4.0"
],
"identifier": "CVE-2019-11358",
"identifiers": [
"GHSA-6c3j-c64m-qhgq",
"CVE-2019-11358"
],
"not_impacted": "All versions starting from 3.4.0",
"package_slug": "npm/jquery",
"pubdate": "2019-04-26",
"solution": "Upgrade to version 3.4.0 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"https://backdropcms.org/security/backdrop-sa-core-2019-009",
"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b",
"https://github.com/jquery/jquery/pull/4333",
"https://snyk.io/vuln/SNYK-JS-JQUERY-174006",
"https://www.drupal.org/sa-core-2019-006",
"https://access.redhat.com/errata/RHBA-2019:1570",
"https://access.redhat.com/errata/RHSA-2019:1456",
"https://access.redhat.com/errata/RHSA-2019:2587",
"https://access.redhat.com/errata/RHSA-2019:3023",
"https://access.redhat.com/errata/RHSA-2019:3024",
"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E",
"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E",
"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E",
"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E",
"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html",
"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html",
"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/",
"https://seclists.org/bugtraq/2019/Apr/32",
"https://seclists.org/bugtraq/2019/Jun/12",
"https://seclists.org/bugtraq/2019/May/18",
"https://security.netapp.com/advisory/ntap-20190919-0001/",
"https://www.debian.org/security/2019/dsa-4434",
"https://www.debian.org/security/2019/dsa-4460",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/",
"https://www.synology.com/security/advisory/Synology_SA_19_19",
"https://www.tenable.com/security/tns-2019-08",
"https://www.tenable.com/security/tns-2020-02",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html",
"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html",
"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html",
"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"http://seclists.org/fulldisclosure/2019/May/10",
"http://seclists.org/fulldisclosure/2019/May/11",
"http://seclists.org/fulldisclosure/2019/May/13",
"http://www.openwall.com/lists/oss-security/2019/06/03/2",
"http://www.securityfocus.com/bid/108023",
"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
"https://www.oracle.com/security-alerts/cpuoct2020.html",
"https://www.oracle.com/security-alerts/cpujan2021.html",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com//security-alerts/cpujul2021.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://github.com/advisories/GHSA-6c3j-c64m-qhgq"
],
"uuid": "54b5386a-59f9-43aa-88e7-0c12bd5b5e7c"
},
{
"affected_range": "(,3.4.0)",
"affected_versions": "All versions before 3.4.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-1321",
"CWE-937"
],
"date": "2023-05-30",
"description": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"fixed_versions": [
"3.4.0"
],
"identifier": "CVE-2019-11358",
"identifiers": [
"GHSA-6c3j-c64m-qhgq",
"CVE-2019-11358"
],
"not_impacted": "All versions starting from 3.4.0",
"package_slug": "nuget/jQuery",
"pubdate": "2019-04-26",
"solution": "Upgrade to version 3.4.0 or above.",
"title": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"https://backdropcms.org/security/backdrop-sa-core-2019-009",
"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b",
"https://github.com/jquery/jquery/pull/4333",
"https://snyk.io/vuln/SNYK-JS-JQUERY-174006",
"https://www.drupal.org/sa-core-2019-006",
"https://access.redhat.com/errata/RHSA-2019:3023",
"https://access.redhat.com/errata/RHSA-2019:3024",
"https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E",
"https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E",
"https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E",
"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E",
"https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E",
"https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html",
"https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html",
"https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/",
"https://security.netapp.com/advisory/ntap-20190919-0001/",
"https://www.debian.org/security/2019/dsa-4434",
"https://www.debian.org/security/2019/dsa-4460",
"https://www.synology.com/security/advisory/Synology_SA_19_19",
"https://www.tenable.com/security/tns-2019-08",
"https://www.tenable.com/security/tns-2020-02",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html",
"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html",
"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html",
"http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html",
"http://www.openwall.com/lists/oss-security/2019/06/03/2",
"https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E",
"https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E",
"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601",
"https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434",
"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml",
"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226",
"https://github.com/advisories/GHSA-6c3j-c64m-qhgq"
],
"uuid": "d7ab203e-bc46-4788-9be7-fab6b4588496"
},
{
"affected_range": "\u003e=7.0,\u003c7.66||\u003e=8.5.0,\u003c8.5.15||\u003e=8.6.0,\u003c8.6.15",
"affected_versions": "All versions starting from 7.0 before 7.66, all versions starting from 8.5.0 before 8.5.15, all versions starting from 8.6.0 before 8.6.15",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2019-06-12",
"description": "jQuery, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype`.",
"fixed_versions": [
"8.0.0",
"8.5.15",
"8.6.15"
],
"identifier": "CVE-2019-11358",
"identifiers": [
"CVE-2019-11358"
],
"not_impacted": "All versions before 7.0, all versions starting from 7.66 before 8.5.0, all versions starting from 8.5.15 before 8.6.0, all versions starting from 8.6.15",
"package_slug": "packagist/drupal/core",
"pubdate": "2019-04-20",
"solution": "Upgrade to versions 8.0.0, 8.5.15, 8.6.15 or above.",
"title": "Cross-site Scripting",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"http://www.securityfocus.com/bid/108023",
"https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"https://seclists.org/bugtraq/2019/Apr/32"
],
"uuid": "e2d28b24-ccea-4d03-b344-183788eacc5e"
},
{
"affected_range": "\u003e=2.0a1, \u003c2.1.9 || \u003e=2.2a1, \u003c2.2.2",
"affected_versions": "All versions starting from 2.0a1 before 2.1.9, all versions starting from 2.2a1 before 2.2.2",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2019-06-12",
"description": "jQuery mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable ``__proto__`` property, it could extend the native `Object.prototype`.",
"fixed_versions": [
"2.2.2",
"2.1.9"
],
"identifier": "CVE-2019-11358",
"identifiers": [
"CVE-2019-11358"
],
"not_impacted": "1.x",
"package_slug": "pypi/Django",
"pubdate": "2019-04-19",
"solution": "Upgrade to fixed version or apply patch.",
"title": "Prototype pollution in jQuery",
"urls": [
"https://www.djangoproject.com/weblog/2019/jun/03/security-releases/",
"https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f",
"https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad",
"https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829"
],
"uuid": "5ef876b4-198e-4388-bf3a-c88309840d43"
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D193C7-2259-492F-8B85-E74C57A7426A",
"versionEndExcluding": "3.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5AB839-4DAC-45E7-9D0B-B528F6D12043",
"versionEndExcluding": "7.66",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9106BF81-B898-4EB0-B63C-9919D3B22260",
"versionEndExcluding": "8.5.15",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B37281E-9B44-42A5-AE0A-17CE6770995C",
"versionEndExcluding": "8.6.15",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E75C32CE-3FA9-4DC2-A22A-4A841D4911EB",
"versionEndExcluding": "1.11.9",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F204D6-2C8A-4517-8E3C-328ED0D9D3E4",
"versionEndExcluding": "1.12.6",
"versionStartIncluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9273745-6408-4CD3-94E8-9385D4F5FE69",
"versionEndIncluding": "3.1.3",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "04AC556D-D511-4C4C-B9FB-A089BB2FEFD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA1A18F-D997-4121-A01B-FD9B3BF266CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "230E2167-9107-4994-8328-295575E17DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A079FD6E-3BB0-4997-9A8E-6F8FEC89887A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "900D2344-5160-42A0-8C49-36DBC7FF3D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AA4B21-1BA9-4ED8-B9EA-558AF8655D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3F9EE5-FCFC-45B8-9F57-C05D42EE0FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90CFEC52-A574-493E-A2AC-0EC21851BBFA",
"versionEndExcluding": "19.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3665B8A2-1F1A-490F-B01D-5B3455A6A539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8577D60-A711-493D-9246-E49D0E2B07E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17EA8B91-7634-4636-B647-1049BA7CA088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DF46F-DBCC-41F2-A260-F83A14838F23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E5BC0B6-0C66-4FC5-81F0-6AC9BEC0813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10F17843-32EA-4C31-B65C-F424447BEF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C784CEE8-F071-4583-A72D-F46C7C95FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE7BF09-B89C-4590-821E-6C0587E096B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18127694-109C-4E7E-AE79-0BA351849291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*",
"matchCriteriaId": "660DB443-6250-4956-ABD1-C6A522B8DCCA",
"versionEndIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3625D477-1338-46CB-90B1-7291D617DC39",
"versionEndIncluding": "2.10.0",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD806C1-CC17-47BD-8BB0-9430C4253BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC56004-4497-4CDD-AE76-5E3DFAE170F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "274A0CF5-41E8-42E0-9931-F7372A65B9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D98C27-734F-490B-92D5-251805C841B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*",
"matchCriteriaId": "B796AC70-A220-48D8-B8CD-97CF57227962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6039DC7-08F2-4DD9-B5B5-B6B22DD2409F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "790A89FD-6B86-49AE-9B4F-AE7262915E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7231AF76-3D46-41C4-83E9-6E9E12940BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E39D442D-1997-49AF-8B02-5640BE2A26CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4534CF9-D9FD-4936-9D8C-077387028A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D60384BD-284C-4A68-9EEF-0FAFDF0C21F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA44E38-EB8C-4E2D-8611-B201F47520E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0E3537-CB5A-40BF-B42C-CED9211B8892",
"versionEndIncluding": "16.4.0",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C57FD3A-0CC1-4BA9-879A-8C4A40234162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "698FB6D0-B26F-4760-9B9B-1C65FBFF2126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E16A16E-BFA3-4D17-9B4E-B42ADE725356",
"versionEndIncluding": "6.4",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9264AF8A-3819-40E5-BBCB-3B6C95A0D828",
"versionEndIncluding": "4.3",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3517A27-E6EE-497C-9996-F78171BBE90F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3CE8D5-6404-4CEB-953E-7B7961BC14D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "062E4E7C-55BB-46F3-8B61-5A663B565891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB43DFD4-D058-4001-BD19-488E059F4532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "086E2E5C-44EB-4C07-B298-C04189533996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA77B994-3872-4059-854B-0974AA5593D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5682DAEB-3810-4541-833A-568C868BCE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9AED-F81D-4344-AD97-EEF19B6EA8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8198E762-9AD9-452B-B1AF-516E52436B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D177F6-25D9-4696-8528-3F57D91BAC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "539DA24F-E3E0-4455-84C6-A9D96CD601B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*",
"matchCriteriaId": "80B6D265-9D72-45C3-AA2C-5B186E23CDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB654DFA-FEF9-4D00-ADB0-F3F2B6ACF13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37209C6F-EF99-4D21-9608-B3A06D283D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7015A8CB-8FA6-423E-8307-BD903244F517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC32AA-78BE-468B-B92A-5A0FFFA970FA",
"versionEndIncluding": "7.3.5",
"versionStartIncluding": "7.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA699B16-5100-4485-9BB7-85B247743B17",
"versionEndIncluding": "8.1.0",
"versionStartIncluding": "8.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E00BA1-E643-45D9-97D3-EF12C29DB262",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACA29E6-F393-46E5-B2B3-9158077819A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703DA91D-3440-4C67-AA20-78F71B1376DD",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39B8DFFF-B037-4F29-8C8E-F4BBC3435199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB2A0EB-E1C7-4206-8E64-D2EE77C1CD86",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A566893-8DCF-49E4-93D0-0ACCEFD70D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A180039F-22C3-458E-967D-E07C61C69FAF",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00E5D719-249D-48B8-BAFC-1E14D250B3F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F6B8C-2044-4E68-98BD-37B0CD108434",
"versionEndIncluding": "8.0.8",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672949B4-1989-4AA7-806F-EEC07D07F317",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E05211-8415-42FB-9B93-959EB03B090B",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9476D1DA-C8A8-40A0-94DD-9B46C05FD461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEE0A37-6B9A-43FE-B3E0-8AB5CA368425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6A5433-A7D9-4521-9D28-E7684FB76E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC15899F-8528-4D10-8CD5-F67121D7F293",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F727AAC6-6D9F-4B28-B07C-6A93916C43A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30657F1B-D1FC-4EE6-9854-18993294A01D",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51C17460-D326-4525-A7D1-0AED53E75E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30F0991A-8507-48C4-9A8E-DE5B28C46A99",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A00142E6-EEB3-44BD-AB0D-0E5C5640557F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00ED7CB0-96F7-4089-9047-A3AC241139C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "005E458D-4059-4E20-A620-B25DEBCE40C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74008AEE-589F-423E-8D77-EA54C36D776A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD85DB06-692F-4E81-BEB7-1E41B438D1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6149C89E-0111-4CF9-90CA-0662D2F75E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDDF6CA-6441-4606-9D2F-22A67BA46978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA4D6CF-D54A-40DF-9B70-E13392D0BE19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6C521C-F104-4E26-82F2-6F63F94108BC",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "397B1A24-7C95-4A73-8363-4529A7F6CFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "402B8642-7ACC-4F42-87A9-AB4D3B581751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF6D5112-4055-4F89-A5B3-0DCB109481B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D262848E-AA24-4057-A747-6221BA22ADF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2163B848-D684-4B17-969A-36E0866C5749",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00615085-65B2-4211-A766-551842B3356F",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E565DA-91BE-44FC-A28F-579BE8D2281A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51DB64CA-8953-43BB-AEA9-D0D7E91E9FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "669BA301-4D29-4692-823B-CDEDD2A5BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "419559E6-5441-4335-8FE1-6ADAAD9355DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*",
"matchCriteriaId": "036E4450-53C6-4322-9C7D-91DA94C9A3C9",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89C26226-A3CF-4D36-BBDA-80E298E0A51F",
"versionEndIncluding": "8.0.6",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F67D1332-621E-4756-B205-97A5CF670A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6748C867-0A52-452B-B4D6-DA80396F4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A64B5C4C-DF69-4292-A534-EDC5955CDDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7141C66-0384-4BA1-A788-91DEB7EF1361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06E586B3-3434-4B08-8BE3-16C528642CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95E8056-51D8-4390-ADE3-661B7AE1D7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFC8DAB-E5D8-420C-B800-08F8C5BF3F4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9059A907-508B-4844-8D7B-0FA68C0DF6A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5ACB1D2-69CE-4B7D-9B51-D8F80E541631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F726C6-EA5A-40FF-8809-4F48E4AE6976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7C26E3-BB0D-4218-8176-319AEA2925C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD67072F-3CFC-480D-9360-81A05D523318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "652E762A-BCDD-451E-9DE3-F1555C1E4B16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A3DC116-2844-47A1-BEC2-D0675DD97148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC63D10-2326-4542-B345-31D45B9A7408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFD7783-BE15-421C-A550-7FE15AB53ABF",
"versionEndIncluding": "19.1.2",
"versionStartIncluding": "19.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7BF047-03C5-4A60-B718-E222B16DBF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A73D81-3E1A-42E6-AB96-835CDD5905F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA10CA55-C155-4DAD-A109-87A80116F1A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "66136D6D-FC52-40DB-B7B6-BA8B7758CE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "06514F46-544B-4404-B45C-C9584EBC3131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD4BF9A-BF38-460D-974D-5B3255AAF946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92D538A5-819D-4DF7-85FE-4D4EB6E230E0",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDA3A88-002B-4700-9277-3187C0A3E4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BE886BC5-F807-4627-8233-2290817FE205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B47C73D0-BE89-4D87-8765-12C507F13AFF",
"versionEndIncluding": "5.6.0.0",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8AA91A-1880-43CD-938D-48EF58ACF2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B5D7DB-C70E-4926-819F-E39B79F4D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7506589-9B3B-49BA-B826-774BFDCC45B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37EB4A1D-A875-46B7-BEB0-694D1F400CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2233F287-6B9F-4C8A-A724-959DD3AD29AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2381FAB6-8D36-4389-98E4-74F3462654BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E587602-BA7D-4087-BE29-ACE0B01BD590",
"versionEndIncluding": "8.6.3",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
"matchCriteriaId": "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84668F58-6511-4E53-8213-13B440F454C1",
"versionEndIncluding": "12.2.15",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8B3B57-73D6-4402-987F-8AE723D52F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62BF043E-BCB9-433D-BA09-7357853EE127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F26FB80-F541-4B59-AC3C-633F49388B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12D3B2F0-E9C7-432B-91C6-A6C329A84B78",
"versionEndIncluding": "12.2.15",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06CF27F6-ADC1-480C-9D2E-2BD1E7330C32",
"versionEndIncluding": "16.2.11",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AA3854-C9FD-4287-85A0-EE7907D1E1ED",
"versionEndIncluding": "17.12.7",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8CD4002-F310-4BE4-AF7B-4BCCB17DA6FF",
"versionEndIncluding": "18.8.9",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69112C56-7747-4E11-A938-85A481529F58",
"versionEndIncluding": "19.12.4",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E628E7-6CC5-418C-939F-8EEA69B222A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D55A54FD-7DD1-49CD-BE81-0BE73990943C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82EB08C0-2D46-4635-88DF-E54F6452D3A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99579D88-27C0-4B93-B2F4-69B6781BC4BD",
"versionEndIncluding": "2.3.0.3",
"versionStartIncluding": "2.3.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*",
"matchCriteriaId": "36FC547E-861A-418C-A314-DA09A457B13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*",
"matchCriteriaId": "DF9FEE51-50E3-41E9-AA0D-272A640F85CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*",
"matchCriteriaId": "E69E905F-2E1A-4462-9082-FF7B10474496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*",
"matchCriteriaId": "0F9B692C-8986-4F91-9EF4-2BB1E3B5C133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*",
"matchCriteriaId": "C5F4C40E-3ABC-4C59-B226-224262DCFF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C7EEA3-AA72-48DA-A112-2923DBB37773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0735989-13BD-40B3-B954-AC0529C5B53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83B5F416-56AE-4DC5-BCFF-49702463E716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58405263-E84C-4071-BB23-165D49034A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD4AB77A-E829-4603-AF6A-97B9CD0D687F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE15D64-6F49-4F43-8079-0C7827384C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36E16AEF-ACEB-413C-888C-8D250F65C180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFAEA84-E376-40A2-8C9F-3E0676FEC527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237968A4-AE89-44DC-8BA3-D9651F88883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E13DF2AE-F315-4085-9172-6C8B21AF1C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "959316A8-C3AF-4126-A242-3835ED0AD1E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2B6C75-3EB5-4BCE-B5D1-39DD3DE94139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70BEF219-45EC-4A53-A815-42FBE20FC300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA2023A-1AD6-41FE-A214-9D1F6021D6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA4E307-D5FA-461D-9809-BDD123AE7B74",
"versionEndIncluding": "19.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98B9198C-11DF-4E80-ACFC-DC719CED8C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "587EE4F3-E7AC-4A69-9476-0E71E75EE7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7961BBD-6411-4D32-947D-3940221C235B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "162C6FD9-AEC2-4EBA-A163-3054840B8ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6879D52-A44E-4DF8-8A3A-3613822EB469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAF89C1-AAC2-449C-90C1-895F5F8843B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2D3FA0-BD9D-4828-AE36-1CE43D9B07D1",
"versionEndIncluding": "2.3.0.3",
"versionStartIncluding": "2.3.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D551CAB1-4312-44AA-BDA8-A030817E153A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C63557DE-E65B-46F4-99C4-247EACCB7BBA",
"versionEndIncluding": "3.9.4",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype."
},
{
"lang": "es",
"value": "jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminaci\u00f3n de Object.prototype. Si un objeto fuente no sanitizado conten\u00eda una propiedad enumerable __proto__, podr\u00eda extender el Object.prototype nativo."
}
],
"id": "CVE-2019-11358",
"lastModified": "2024-02-16T16:32:51.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-20T00:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108023"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2020-02"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
GHSA-6C3J-C64M-QHGQ
Vulnerability from github – Published: 2019-04-26 16:29 – Updated: 2024-11-05 20:16
VLAI?
Summary
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Details
jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Severity ?
6.1 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "jquery"
},
"ranges": [
{
"events": [
{
"introduced": "1.1.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "jquery-rails"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "jQuery"
},
"ranges": [
{
"events": [
{
"introduced": "1.1.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "django"
},
"ranges": [
{
"events": [
{
"introduced": "2.0a1"
},
{
"fixed": "2.1.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "django"
},
"ranges": [
{
"events": [
{
"introduced": "2.2a1"
},
{
"fixed": "2.2.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.webjars.npm:jquery"
},
"ranges": [
{
"events": [
{
"introduced": "1.1.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "maximebf/debugbar"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-11358"
],
"database_specific": {
"cwe_ids": [
"CWE-1321",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2019-04-26T16:28:41Z",
"nvd_published_at": "2019-04-20T00:29:00Z",
"severity": "MODERATE"
},
"details": "jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype`.",
"id": "GHSA-6c3j-c64m-qhgq",
"modified": "2024-11-05T20:16:55Z",
"published": "2019-04-26T16:29:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"type": "WEB",
"url": "https://github.com/maximebf/php-debugbar/issues/447"
},
{
"type": "WEB",
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"type": "WEB",
"url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad"
},
{
"type": "WEB",
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2020-02"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"type": "WEB",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"type": "WEB",
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"type": "WEB",
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"type": "WEB",
"url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190919-0001"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml"
},
{
"type": "WEB",
"url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434"
},
{
"type": "PACKAGE",
"url": "https://github.com/jquery/jquery"
},
{
"type": "WEB",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released"
},
{
"type": "WEB",
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108023"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "XSS in jQuery as used in Drupal, Backdrop CMS, and other products"
}
FKIE_CVE-2019-11358
Vulnerability from fkie_nvd - Published: 2019-04-20 00:29 - Updated: 2024-11-21 04:20
Severity ?
Summary
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/May/10 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/May/11 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/May/13 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2019/06/03/2 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/108023 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:1570 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1456 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2587 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:3023 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:3024 | Third Party Advisory | |
| cve@mitre.org | https://backdropcms.org/security/backdrop-sa-core-2019-009 | Third Party Advisory | |
| cve@mitre.org | https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/jquery/jquery/pull/4333 | Patch, Third Party Advisory | |
| cve@mitre.org | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 | Third Party Advisory | |
| cve@mitre.org | https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E | Issue Tracking | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/ | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/ | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/ | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/ | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/ | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/ | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://seclists.org/bugtraq/2019/Apr/32 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jun/12 | Issue Tracking, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://seclists.org/bugtraq/2019/May/18 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190919-0001/ | Third Party Advisory | |
| cve@mitre.org | https://snyk.io/vuln/SNYK-JS-JQUERY-174006 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2019/dsa-4434 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2019/dsa-4460 | Third Party Advisory | |
| cve@mitre.org | https://www.drupal.org/sa-core-2019-006 | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com//security-alerts/cpujul2021.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuApr2021.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2020.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2021.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2020.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuoct2020.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuoct2021.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.synology.com/security/advisory/Synology_SA_19_19 | Third Party Advisory | |
| cve@mitre.org | https://www.tenable.com/security/tns-2019-08 | Third Party Advisory | |
| cve@mitre.org | https://www.tenable.com/security/tns-2020-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/May/10 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/May/11 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/May/13 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/06/03/2 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108023 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:1570 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1456 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2587 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3023 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3024 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://backdropcms.org/security/backdrop-sa-core-2019-009 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jquery/jquery/pull/4333 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Apr/32 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/12 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/May/18 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190919-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JS-JQUERY-174006 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4434 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4460 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.drupal.org/sa-core-2019-006 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com//security-alerts/cpujul2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuApr2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2020.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2020.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuoct2020.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuoct2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.synology.com/security/advisory/Synology_SA_19_19 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2019-08 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2020-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jquery | jquery | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| drupal | drupal | * | |
| drupal | drupal | * | |
| drupal | drupal | * | |
| backdropcms | backdrop | * | |
| backdropcms | backdrop | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 | |
| netapp | oncommand_system_manager | * | |
| netapp | snapcenter | - | |
| redhat | cloudforms | 4.7 | |
| redhat | virtualization_manager | 4.3 | |
| oracle | agile_product_lifecycle_management_for_process | 6.1 | |
| oracle | agile_product_lifecycle_management_for_process | 6.2.0.0 | |
| oracle | agile_product_lifecycle_management_for_process | 6.2.1.0 | |
| oracle | agile_product_lifecycle_management_for_process | 6.2.2.0 | |
| oracle | agile_product_lifecycle_management_for_process | 6.2.3.0 | |
| oracle | application_express | * | |
| oracle | application_service_level_management | 13.2.0.0 | |
| oracle | application_service_level_management | 13.3.0.0 | |
| oracle | application_testing_suite | 12.5.0.3 | |
| oracle | application_testing_suite | 13.1.0.1 | |
| oracle | application_testing_suite | 13.2 | |
| oracle | application_testing_suite | 13.2.0.1 | |
| oracle | application_testing_suite | 13.3 | |
| oracle | application_testing_suite | 13.3.0.1 | |
| oracle | banking_digital_experience | 18.1 | |
| oracle | banking_digital_experience | 18.2 | |
| oracle | banking_digital_experience | 18.3 | |
| oracle | banking_digital_experience | 19.1 | |
| oracle | banking_digital_experience | 19.2 | |
| oracle | banking_digital_experience | 20.1 | |
| oracle | banking_enterprise_collections | * | |
| oracle | banking_platform | * | |
| oracle | bi_publisher | 5.5.0.0.0 | |
| oracle | bi_publisher | 12.2.1.3.0 | |
| oracle | bi_publisher | 12.2.1.4.0 | |
| oracle | big_data_discovery | 1.6 | |
| oracle | business_process_management_suite | 12.2.1.3.0 | |
| oracle | business_process_management_suite | 12.2.1.4.0 | |
| oracle | communications_analytics | 12.1.1 | |
| oracle | communications_application_session_controller | 3.8m0 | |
| oracle | communications_billing_and_revenue_management | 7.5 | |
| oracle | communications_billing_and_revenue_management | 7.5.0.23.0 | |
| oracle | communications_billing_and_revenue_management | 12.0 | |
| oracle | communications_billing_and_revenue_management | 12.0.0.3.0 | |
| oracle | communications_diameter_signaling_router | 8.0.0 | |
| oracle | communications_diameter_signaling_router | 8.1 | |
| oracle | communications_diameter_signaling_router | 8.2 | |
| oracle | communications_diameter_signaling_router | 8.2.1 | |
| oracle | communications_eagle_application_processor | * | |
| oracle | communications_element_manager | 8.1.1 | |
| oracle | communications_element_manager | 8.2.0 | |
| oracle | communications_element_manager | 8.2.1 | |
| oracle | communications_interactive_session_recorder | * | |
| oracle | communications_operations_monitor | * | |
| oracle | communications_operations_monitor | 3.4 | |
| oracle | communications_operations_monitor | 4.0 | |
| oracle | communications_operations_monitor | 4.1.0 | |
| oracle | communications_services_gatekeeper | 7.0 | |
| oracle | communications_session_report_manager | 8.1.1 | |
| oracle | communications_session_report_manager | 8.2.0 | |
| oracle | communications_session_report_manager | 8.2.1 | |
| oracle | communications_session_route_manager | 8.1.1 | |
| oracle | communications_session_route_manager | 8.2.0 | |
| oracle | communications_session_route_manager | 8.2.1 | |
| oracle | communications_unified_inventory_management | 7.3 | |
| oracle | communications_unified_inventory_management | 7.4.0 | |
| oracle | communications_webrtc_session_controller | 7.2 | |
| oracle | diagnostic_assistant | 2.12.36 | |
| oracle | enterprise_manager_ops_center | 12.3.3 | |
| oracle | enterprise_manager_ops_center | 12.4.0 | |
| oracle | enterprise_manager_ops_center | 12.4.0.0 | |
| oracle | enterprise_session_border_controller | 8.4 | |
| oracle | financial_services_analytical_applications_infrastructure | * | |
| oracle | financial_services_analytical_applications_infrastructure | * | |
| oracle | financial_services_analytical_applications_reconciliation_framework | * | |
| oracle | financial_services_analytical_applications_reconciliation_framework | 8.1.0 | |
| oracle | financial_services_asset_liability_management | * | |
| oracle | financial_services_asset_liability_management | 8.1.0 | |
| oracle | financial_services_balance_sheet_planning | 8.0.8 | |
| oracle | financial_services_basel_regulatory_capital_basic | * | |
| oracle | financial_services_basel_regulatory_capital_basic | 8.1.0 | |
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | * | |
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | 8.1.0 | |
| oracle | financial_services_data_foundation | * | |
| oracle | financial_services_data_governance_for_us_regulatory_reporting | * | |
| oracle | financial_services_data_integration_hub | * | |
| oracle | financial_services_data_integration_hub | 8.1.0 | |
| oracle | financial_services_enterprise_financial_performance_analytics | 8.0.6 | |
| oracle | financial_services_enterprise_financial_performance_analytics | 8.0.7 | |
| oracle | financial_services_funds_transfer_pricing | * | |
| oracle | financial_services_funds_transfer_pricing | 8.1.0 | |
| oracle | financial_services_hedge_management_and_ifrs_valuations | * | |
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.1.0 | |
| oracle | financial_services_institutional_performance_analytics | * | |
| oracle | financial_services_institutional_performance_analytics | 8.1.0 | |
| oracle | financial_services_liquidity_risk_management | 8.0.0.1.0 | |
| oracle | financial_services_liquidity_risk_management | 8.0.2 | |
| oracle | financial_services_liquidity_risk_management | 8.0.4.0.0 | |
| oracle | financial_services_liquidity_risk_management | 8.0.5.0.0 | |
| oracle | financial_services_liquidity_risk_management | 8.0.6 | |
| oracle | financial_services_liquidity_risk_measurement_and_management | 8.0.7 | |
| oracle | financial_services_liquidity_risk_measurement_and_management | 8.0.8 | |
| oracle | financial_services_liquidity_risk_measurement_and_management | 8.1.0 | |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | * | |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | 8.1.0 | |
| oracle | financial_services_market_risk_measurement_and_management | 8.0.5 | |
| oracle | financial_services_market_risk_measurement_and_management | 8.0.6 | |
| oracle | financial_services_market_risk_measurement_and_management | 8.0.8 | |
| oracle | financial_services_price_creation_and_discovery | * | |
| oracle | financial_services_profitability_management | * | |
| oracle | financial_services_profitability_management | 8.1.0 | |
| oracle | financial_services_regulatory_reporting_for_de_nederlandsche_bank | 8.0.4 | |
| oracle | financial_services_regulatory_reporting_for_european_banking_authority | 8.0.6 | |
| oracle | financial_services_regulatory_reporting_for_european_banking_authority | 8.0.7 | |
| oracle | financial_services_regulatory_reporting_for_us_federal_reserve | * | |
| oracle | financial_services_retail_customer_analytics | * | |
| oracle | financial_services_retail_performance_analytics | 8.0.6 | |
| oracle | financial_services_retail_performance_analytics | 8.0.7 | |
| oracle | financial_services_revenue_management_and_billing | 2.4.0.0 | |
| oracle | financial_services_revenue_management_and_billing | 2.4.0.1 | |
| oracle | fusion_middleware_mapviewer | 12.2.1.3.0 | |
| oracle | healthcare_foundation | 7.1.1 | |
| oracle | healthcare_foundation | 7.2.0 | |
| oracle | healthcare_foundation | 7.2.2 | |
| oracle | healthcare_foundation | 7.3.0 | |
| oracle | healthcare_translational_research | 3.1.0 | |
| oracle | healthcare_translational_research | 3.2.1 | |
| oracle | healthcare_translational_research | 3.3.1 | |
| oracle | healthcare_translational_research | 3.3.2 | |
| oracle | healthcare_translational_research | 3.4.0 | |
| oracle | hospitality_guest_access | 4.2.0 | |
| oracle | hospitality_guest_access | 4.2.1 | |
| oracle | hospitality_materials_control | 18.1 | |
| oracle | hospitality_simphony | * | |
| oracle | hospitality_simphony | 18.1 | |
| oracle | hospitality_simphony | 18.2 | |
| oracle | identity_manager | 12.2.1.3.0 | |
| oracle | insurance_accounting_analyzer | 8.0.9 | |
| oracle | insurance_allocation_manager_for_enterprise_profitability | 8.0.8 | |
| oracle | insurance_allocation_manager_for_enterprise_profitability | 8.1.0 | |
| oracle | insurance_data_foundation | * | |
| oracle | insurance_ifrs_17_analyzer | 8.0.6 | |
| oracle | insurance_ifrs_17_analyzer | 8.0.7 | |
| oracle | insurance_insbridge_rating_and_underwriting | * | |
| oracle | insurance_insbridge_rating_and_underwriting | 5.6.1.0 | |
| oracle | insurance_performance_insight | 8.0.7 | |
| oracle | jd_edwards_enterpriseone_tools | 9.2 | |
| oracle | jdeveloper | 11.1.1.9.0 | |
| oracle | jdeveloper | 12.2.1.3.0 | |
| oracle | jdeveloper | 12.2.1.4.0 | |
| oracle | jdeveloper_and_adf | 11.1.1.9.0 | |
| oracle | jdeveloper_and_adf | 12.1.3.0.0 | |
| oracle | jdeveloper_and_adf | 12.2.1.3.0 | |
| oracle | knowledge | * | |
| oracle | peoplesoft_enterprise_peopletools | 8.55 | |
| oracle | peoplesoft_enterprise_peopletools | 8.56 | |
| oracle | peoplesoft_enterprise_peopletools | 8.57 | |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | |
| oracle | policy_automation | * | |
| oracle | policy_automation | 10.4.7 | |
| oracle | policy_automation | 12.1.0 | |
| oracle | policy_automation | 12.1.1 | |
| oracle | policy_automation_connector_for_siebel | 10.4.6 | |
| oracle | policy_automation_for_mobile_devices | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | 15.2.18 | |
| oracle | primavera_unifier | * | |
| oracle | primavera_unifier | 16.1 | |
| oracle | primavera_unifier | 16.2 | |
| oracle | primavera_unifier | 18.8 | |
| oracle | real-time_scheduler | * | |
| oracle | rest_data_services | 11.2.0.4 | |
| oracle | rest_data_services | 12.1.0.2 | |
| oracle | rest_data_services | 12.2.0.1 | |
| oracle | rest_data_services | 18c | |
| oracle | rest_data_services | 19c | |
| oracle | retail_back_office | 14.0 | |
| oracle | retail_back_office | 14.1 | |
| oracle | retail_central_office | 14.0 | |
| oracle | retail_central_office | 14.1 | |
| oracle | retail_customer_insights | 15.0 | |
| oracle | retail_customer_insights | 16.0 | |
| oracle | retail_customer_management_and_segmentation_foundation | 18.0 | |
| oracle | retail_customer_management_and_segmentation_foundation | 19.0 | |
| oracle | retail_point-of-service | 14.0 | |
| oracle | retail_point-of-service | 14.1 | |
| oracle | retail_returns_management | 14.0 | |
| oracle | retail_returns_management | 14.1 | |
| oracle | service_bus | 11.1.1.9.0 | |
| oracle | service_bus | 12.1.3.0.0 | |
| oracle | service_bus | 12.2.1.3.0 | |
| oracle | siebel_mobile_applications | * | |
| oracle | siebel_ui_framework | 20.8 | |
| oracle | storagetek_tape_analytics_sw_tool | 2.3.0 | |
| oracle | system_utilities | 19.1 | |
| oracle | tape_library_acsls | 8.5 | |
| oracle | tape_library_acsls | 8.5.1 | |
| oracle | transportation_management | 1.4.3 | |
| oracle | utilities_mobile_workforce_management | * | |
| oracle | webcenter_sites | 12.2.1.3.0 | |
| oracle | weblogic_server | 10.3.6.0.0 | |
| oracle | weblogic_server | 12.1.3.0.0 | |
| oracle | weblogic_server | 12.2.1.3.0 | |
| oracle | weblogic_server | 12.2.1.4.0 | |
| oracle | weblogic_server | 14.1.1.0.0 | |
| joomla | joomla\! | * | |
| juniper | junos | 21.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D193C7-2259-492F-8B85-E74C57A7426A",
"versionEndExcluding": "3.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5AB839-4DAC-45E7-9D0B-B528F6D12043",
"versionEndExcluding": "7.66",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9106BF81-B898-4EB0-B63C-9919D3B22260",
"versionEndExcluding": "8.5.15",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B37281E-9B44-42A5-AE0A-17CE6770995C",
"versionEndExcluding": "8.6.15",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E75C32CE-3FA9-4DC2-A22A-4A841D4911EB",
"versionEndExcluding": "1.11.9",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F204D6-2C8A-4517-8E3C-328ED0D9D3E4",
"versionEndExcluding": "1.12.6",
"versionStartIncluding": "1.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9273745-6408-4CD3-94E8-9385D4F5FE69",
"versionEndIncluding": "3.1.3",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "04AC556D-D511-4C4C-B9FB-A089BB2FEFD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA1A18F-D997-4121-A01B-FD9B3BF266CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "230E2167-9107-4994-8328-295575E17DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A079FD6E-3BB0-4997-9A8E-6F8FEC89887A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "900D2344-5160-42A0-8C49-36DBC7FF3D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AA4B21-1BA9-4ED8-B9EA-558AF8655D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3F9EE5-FCFC-45B8-9F57-C05D42EE0FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90CFEC52-A574-493E-A2AC-0EC21851BBFA",
"versionEndExcluding": "19.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3665B8A2-1F1A-490F-B01D-5B3455A6A539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8577D60-A711-493D-9246-E49D0E2B07E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17EA8B91-7634-4636-B647-1049BA7CA088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DF46F-DBCC-41F2-A260-F83A14838F23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E5BC0B6-0C66-4FC5-81F0-6AC9BEC0813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10F17843-32EA-4C31-B65C-F424447BEF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C784CEE8-F071-4583-A72D-F46C7C95FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE7BF09-B89C-4590-821E-6C0587E096B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18127694-109C-4E7E-AE79-0BA351849291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*",
"matchCriteriaId": "660DB443-6250-4956-ABD1-C6A522B8DCCA",
"versionEndIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3625D477-1338-46CB-90B1-7291D617DC39",
"versionEndIncluding": "2.10.0",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD806C1-CC17-47BD-8BB0-9430C4253BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC56004-4497-4CDD-AE76-5E3DFAE170F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "274A0CF5-41E8-42E0-9931-F7372A65B9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D98C27-734F-490B-92D5-251805C841B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*",
"matchCriteriaId": "B796AC70-A220-48D8-B8CD-97CF57227962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6039DC7-08F2-4DD9-B5B5-B6B22DD2409F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "790A89FD-6B86-49AE-9B4F-AE7262915E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7231AF76-3D46-41C4-83E9-6E9E12940BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E39D442D-1997-49AF-8B02-5640BE2A26CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4534CF9-D9FD-4936-9D8C-077387028A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D60384BD-284C-4A68-9EEF-0FAFDF0C21F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA44E38-EB8C-4E2D-8611-B201F47520E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A0E3537-CB5A-40BF-B42C-CED9211B8892",
"versionEndIncluding": "16.4.0",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C57FD3A-0CC1-4BA9-879A-8C4A40234162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "698FB6D0-B26F-4760-9B9B-1C65FBFF2126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E16A16E-BFA3-4D17-9B4E-B42ADE725356",
"versionEndIncluding": "6.4",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9264AF8A-3819-40E5-BBCB-3B6C95A0D828",
"versionEndIncluding": "4.3",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3517A27-E6EE-497C-9996-F78171BBE90F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3CE8D5-6404-4CEB-953E-7B7961BC14D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "062E4E7C-55BB-46F3-8B61-5A663B565891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB43DFD4-D058-4001-BD19-488E059F4532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "086E2E5C-44EB-4C07-B298-C04189533996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA77B994-3872-4059-854B-0974AA5593D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5682DAEB-3810-4541-833A-568C868BCE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9AED-F81D-4344-AD97-EEF19B6EA8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8198E762-9AD9-452B-B1AF-516E52436B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D177F6-25D9-4696-8528-3F57D91BAC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "539DA24F-E3E0-4455-84C6-A9D96CD601B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*",
"matchCriteriaId": "80B6D265-9D72-45C3-AA2C-5B186E23CDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB654DFA-FEF9-4D00-ADB0-F3F2B6ACF13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37209C6F-EF99-4D21-9608-B3A06D283D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7015A8CB-8FA6-423E-8307-BD903244F517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BC32AA-78BE-468B-B92A-5A0FFFA970FA",
"versionEndIncluding": "7.3.5",
"versionStartIncluding": "7.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA699B16-5100-4485-9BB7-85B247743B17",
"versionEndIncluding": "8.1.0",
"versionStartIncluding": "8.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E00BA1-E643-45D9-97D3-EF12C29DB262",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACA29E6-F393-46E5-B2B3-9158077819A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703DA91D-3440-4C67-AA20-78F71B1376DD",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39B8DFFF-B037-4F29-8C8E-F4BBC3435199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB2A0EB-E1C7-4206-8E64-D2EE77C1CD86",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A566893-8DCF-49E4-93D0-0ACCEFD70D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A180039F-22C3-458E-967D-E07C61C69FAF",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00E5D719-249D-48B8-BAFC-1E14D250B3F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F6B8C-2044-4E68-98BD-37B0CD108434",
"versionEndIncluding": "8.0.8",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672949B4-1989-4AA7-806F-EEC07D07F317",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73E05211-8415-42FB-9B93-959EB03B090B",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9476D1DA-C8A8-40A0-94DD-9B46C05FD461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEE0A37-6B9A-43FE-B3E0-8AB5CA368425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6A5433-A7D9-4521-9D28-E7684FB76E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC15899F-8528-4D10-8CD5-F67121D7F293",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F727AAC6-6D9F-4B28-B07C-6A93916C43A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30657F1B-D1FC-4EE6-9854-18993294A01D",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51C17460-D326-4525-A7D1-0AED53E75E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30F0991A-8507-48C4-9A8E-DE5B28C46A99",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A00142E6-EEB3-44BD-AB0D-0E5C5640557F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00ED7CB0-96F7-4089-9047-A3AC241139C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "005E458D-4059-4E20-A620-B25DEBCE40C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74008AEE-589F-423E-8D77-EA54C36D776A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD85DB06-692F-4E81-BEB7-1E41B438D1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6149C89E-0111-4CF9-90CA-0662D2F75E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDDF6CA-6441-4606-9D2F-22A67BA46978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA4D6CF-D54A-40DF-9B70-E13392D0BE19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6C521C-F104-4E26-82F2-6F63F94108BC",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "397B1A24-7C95-4A73-8363-4529A7F6CFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "402B8642-7ACC-4F42-87A9-AB4D3B581751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF6D5112-4055-4F89-A5B3-0DCB109481B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D262848E-AA24-4057-A747-6221BA22ADF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2163B848-D684-4B17-969A-36E0866C5749",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00615085-65B2-4211-A766-551842B3356F",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E565DA-91BE-44FC-A28F-579BE8D2281A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51DB64CA-8953-43BB-AEA9-D0D7E91E9FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "669BA301-4D29-4692-823B-CDEDD2A5BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "419559E6-5441-4335-8FE1-6ADAAD9355DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*",
"matchCriteriaId": "036E4450-53C6-4322-9C7D-91DA94C9A3C9",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89C26226-A3CF-4D36-BBDA-80E298E0A51F",
"versionEndIncluding": "8.0.6",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F67D1332-621E-4756-B205-97A5CF670A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6748C867-0A52-452B-B4D6-DA80396F4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A64B5C4C-DF69-4292-A534-EDC5955CDDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7141C66-0384-4BA1-A788-91DEB7EF1361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06E586B3-3434-4B08-8BE3-16C528642CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95E8056-51D8-4390-ADE3-661B7AE1D7CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFC8DAB-E5D8-420C-B800-08F8C5BF3F4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9059A907-508B-4844-8D7B-0FA68C0DF6A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5ACB1D2-69CE-4B7D-9B51-D8F80E541631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F726C6-EA5A-40FF-8809-4F48E4AE6976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7C26E3-BB0D-4218-8176-319AEA2925C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD67072F-3CFC-480D-9360-81A05D523318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "652E762A-BCDD-451E-9DE3-F1555C1E4B16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A3DC116-2844-47A1-BEC2-D0675DD97148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC63D10-2326-4542-B345-31D45B9A7408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFD7783-BE15-421C-A550-7FE15AB53ABF",
"versionEndIncluding": "19.1.2",
"versionStartIncluding": "19.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7BF047-03C5-4A60-B718-E222B16DBF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A73D81-3E1A-42E6-AB96-835CDD5905F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA10CA55-C155-4DAD-A109-87A80116F1A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "66136D6D-FC52-40DB-B7B6-BA8B7758CE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "06514F46-544B-4404-B45C-C9584EBC3131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD4BF9A-BF38-460D-974D-5B3255AAF946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92D538A5-819D-4DF7-85FE-4D4EB6E230E0",
"versionEndIncluding": "8.0.7",
"versionStartIncluding": "8.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDA3A88-002B-4700-9277-3187C0A3E4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BE886BC5-F807-4627-8233-2290817FE205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B47C73D0-BE89-4D87-8765-12C507F13AFF",
"versionEndIncluding": "5.6.0.0",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8AA91A-1880-43CD-938D-48EF58ACF2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B5D7DB-C70E-4926-819F-E39B79F4D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7506589-9B3B-49BA-B826-774BFDCC45B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37EB4A1D-A875-46B7-BEB0-694D1F400CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2233F287-6B9F-4C8A-A724-959DD3AD29AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2381FAB6-8D36-4389-98E4-74F3462654BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E587602-BA7D-4087-BE29-ACE0B01BD590",
"versionEndIncluding": "8.6.3",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
"matchCriteriaId": "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84668F58-6511-4E53-8213-13B440F454C1",
"versionEndIncluding": "12.2.15",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8B3B57-73D6-4402-987F-8AE723D52F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62BF043E-BCB9-433D-BA09-7357853EE127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F26FB80-F541-4B59-AC3C-633F49388B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12D3B2F0-E9C7-432B-91C6-A6C329A84B78",
"versionEndIncluding": "12.2.15",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06CF27F6-ADC1-480C-9D2E-2BD1E7330C32",
"versionEndIncluding": "16.2.11",
"versionStartIncluding": "16.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AA3854-C9FD-4287-85A0-EE7907D1E1ED",
"versionEndIncluding": "17.12.7",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8CD4002-F310-4BE4-AF7B-4BCCB17DA6FF",
"versionEndIncluding": "18.8.9",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69112C56-7747-4E11-A938-85A481529F58",
"versionEndIncluding": "19.12.4",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E628E7-6CC5-418C-939F-8EEA69B222A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D55A54FD-7DD1-49CD-BE81-0BE73990943C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82EB08C0-2D46-4635-88DF-E54F6452D3A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99579D88-27C0-4B93-B2F4-69B6781BC4BD",
"versionEndIncluding": "2.3.0.3",
"versionStartIncluding": "2.3.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*",
"matchCriteriaId": "36FC547E-861A-418C-A314-DA09A457B13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*",
"matchCriteriaId": "DF9FEE51-50E3-41E9-AA0D-272A640F85CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*",
"matchCriteriaId": "E69E905F-2E1A-4462-9082-FF7B10474496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*",
"matchCriteriaId": "0F9B692C-8986-4F91-9EF4-2BB1E3B5C133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*",
"matchCriteriaId": "C5F4C40E-3ABC-4C59-B226-224262DCFF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C7EEA3-AA72-48DA-A112-2923DBB37773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0735989-13BD-40B3-B954-AC0529C5B53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83B5F416-56AE-4DC5-BCFF-49702463E716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58405263-E84C-4071-BB23-165D49034A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD4AB77A-E829-4603-AF6A-97B9CD0D687F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE15D64-6F49-4F43-8079-0C7827384C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36E16AEF-ACEB-413C-888C-8D250F65C180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFAEA84-E376-40A2-8C9F-3E0676FEC527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237968A4-AE89-44DC-8BA3-D9651F88883D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E13DF2AE-F315-4085-9172-6C8B21AF1C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "959316A8-C3AF-4126-A242-3835ED0AD1E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2B6C75-3EB5-4BCE-B5D1-39DD3DE94139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "70BEF219-45EC-4A53-A815-42FBE20FC300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA2023A-1AD6-41FE-A214-9D1F6021D6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA4E307-D5FA-461D-9809-BDD123AE7B74",
"versionEndIncluding": "19.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98B9198C-11DF-4E80-ACFC-DC719CED8C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "587EE4F3-E7AC-4A69-9476-0E71E75EE7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7961BBD-6411-4D32-947D-3940221C235B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "162C6FD9-AEC2-4EBA-A163-3054840B8ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6879D52-A44E-4DF8-8A3A-3613822EB469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAF89C1-AAC2-449C-90C1-895F5F8843B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2D3FA0-BD9D-4828-AE36-1CE43D9B07D1",
"versionEndIncluding": "2.3.0.3",
"versionStartIncluding": "2.3.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D551CAB1-4312-44AA-BDA8-A030817E153A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C63557DE-E65B-46F4-99C4-247EACCB7BBA",
"versionEndIncluding": "3.9.4",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype."
},
{
"lang": "es",
"value": "jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminaci\u00f3n de Object.prototype. Si un objeto fuente no sanitizado conten\u00eda una propiedad enumerable __proto__, podr\u00eda extender el Object.prototype nativo."
}
],
"id": "CVE-2019-11358",
"lastModified": "2024-11-21T04:20:56.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-20T00:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108023"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2020-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/May/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jquery/jquery/pull/4333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Apr/32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2019-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2020-02"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2019-11839
Vulnerability from cnvd - Published: 2019-04-22
VLAI Severity ?
Title
jQuery跨站脚本漏洞(CNVD-2019-11839)
Description
jQuery是美国John Resig程序员的一套开源、跨浏览器的JavaScript库。该库简化了HTML与JavaScript之间的操作,并具有模块化、插件扩展等特点。
jQuery 3.4.0之前版本中存在跨站脚本漏洞,该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
Severity
中
Patch Name
jQuery跨站脚本漏洞(CNVD-2019-11839)的补丁
Patch Description
jQuery是美国John Resig程序员的一套开源、跨浏览器的JavaScript库。该库简化了HTML与JavaScript之间的操作,并具有模块化、插件扩展等特点。
jQuery 3.4.0之前版本中存在跨站脚本漏洞,该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-11358
Impacted products
| Name | jQuery jQuery <3.4.0 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-11358"
}
},
"description": "jQuery\u662f\u7f8e\u56fdJohn Resig\u7a0b\u5e8f\u5458\u7684\u4e00\u5957\u5f00\u6e90\u3001\u8de8\u6d4f\u89c8\u5668\u7684JavaScript\u5e93\u3002\u8be5\u5e93\u7b80\u5316\u4e86HTML\u4e0eJavaScript\u4e4b\u95f4\u7684\u64cd\u4f5c\uff0c\u5e76\u5177\u6709\u6a21\u5757\u5316\u3001\u63d2\u4ef6\u6269\u5c55\u7b49\u7279\u70b9\u3002\n\njQuery 3.4.0\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eWEB\u5e94\u7528\u7f3a\u5c11\u5bf9\u5ba2\u6237\u7aef\u6570\u636e\u7684\u6b63\u786e\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u5ba2\u6237\u7aef\u4ee3\u7801\u3002",
"discovererName": "unknwon",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-11839",
"openTime": "2019-04-22",
"patchDescription": "jQuery\u662f\u7f8e\u56fdJohn Resig\u7a0b\u5e8f\u5458\u7684\u4e00\u5957\u5f00\u6e90\u3001\u8de8\u6d4f\u89c8\u5668\u7684JavaScript\u5e93\u3002\u8be5\u5e93\u7b80\u5316\u4e86HTML\u4e0eJavaScript\u4e4b\u95f4\u7684\u64cd\u4f5c\uff0c\u5e76\u5177\u6709\u6a21\u5757\u5316\u3001\u63d2\u4ef6\u6269\u5c55\u7b49\u7279\u70b9\u3002\r\n\r\njQuery 3.4.0\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eWEB\u5e94\u7528\u7f3a\u5c11\u5bf9\u5ba2\u6237\u7aef\u6570\u636e\u7684\u6b63\u786e\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u5ba2\u6237\u7aef\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "jQuery\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2019-11839\uff09\u7684\u8865\u4e01",
"products": {
"product": "jQuery jQuery \u003c3.4.0"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"serverity": "\u4e2d",
"submitTime": "2019-04-22",
"title": "jQuery\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2019-11839\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…